Site-To-Site VPN between 7.1 (1) and 6.3 (5)

Unanswered Question
Sep 17th, 2007

Can someone please look at my config and tell me what's wrong with it because i can't figure it.

I have been trying to create a site to site vpn without any luck. However, i have been successfully created a vpn for my clients.

Thanks in advance!!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Mon, 09/17/2007 - 23:41

Hi

I can't see any Phase 1 isakmp settings in your pix 6.3 config, ie you need

1) isakmp policy

2) isakmp key

3) isakmp enable

HTH

Jon

mfreijser Tue, 09/18/2007 - 01:14

As said above, you are completely missing ISAKMP configuration. Try adding the following commands to your Pix with software version 6.3(5):

isakmp enable outside

isakmp identity address

isakmp policy 10 authentication pre-share

isakmp policy 10 encryption 3des

isakmp policy 10 hash sha

isakmp policy 10 group 2

isakmp policy 10 lifetime 86400

isakmp key **** address 71.4.148.xxx netmask 255.255.255.255

Notice that you should replace the **** with the same pre-shared key you configured on the PIX/ASA with software version 7.1(1)

Please rate the post if it's usefull to you!

Regards,

Michael

Actions

This Discussion