515-E VPN clear crypto isakmp sa

Unanswered Question
Oct 2nd, 2007


i have a pair of VPN connection from PIX515-E, after issuing the command:

clear crypto isakmp sa

now none of the VPN tunnels come backup again and show isakmp sa - show something like this

mbryonic : 0

dst src state pending created

x.x.x.x x.x.x.x QM_IDLE 0 0

with QM_IDLE status but can not be created (0)

and then a little while later it disappears and this process keeps repeating

show logs on the PIX-515E i am still seeing trafic hitting the firewall.

Reboot peer FW dfoes not sold the problem. What could be likely be the issue ?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
ajagadee Tue, 10/02/2007 - 04:33


Can you post the cry isakmp and deb cry ipsec debugs from both the pixes.




This Discussion