PIX Configuration

Answered Question
Dec 22nd, 2007

Could someone review my config? I need all traffic to flow accross the tunnel from one network to the next. I believe my access list and crypto map is right.

I have this problem too.
0 votes
Correct Answer by royalblues about 9 years 1 month ago

Crypto access list is fine but the access-list configured on the interface is also referencing the same access-list which is wrong.

Since you do not have the sysopt connection permit-IPSec command configured, you would be required to allow the IPsec traffic in your access-lists applied on the interface

Have a look at this link for a PIX-to-PIX IPSEC config example

http://www.cisco.com/warp/public/110/38.html

HTH

Narayan

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
royalblues Sun, 12/23/2007 - 07:37

Crypto access list is fine but the access-list configured on the interface is also referencing the same access-list which is wrong.

Since you do not have the sysopt connection permit-IPSec command configured, you would be required to allow the IPsec traffic in your access-lists applied on the interface

Have a look at this link for a PIX-to-PIX IPSEC config example

http://www.cisco.com/warp/public/110/38.html

HTH

Narayan

Actions

This Discussion