PIX Configuration

Answered Question
Dec 22nd, 2007
User Badges:

Could someone review my config? I need all traffic to flow accross the tunnel from one network to the next. I believe my access list and crypto map is right.



Correct Answer by royalblues about 9 years 5 months ago

Crypto access list is fine but the access-list configured on the interface is also referencing the same access-list which is wrong.


Since you do not have the sysopt connection permit-IPSec command configured, you would be required to allow the IPsec traffic in your access-lists applied on the interface


Have a look at this link for a PIX-to-PIX IPSEC config example

http://www.cisco.com/warp/public/110/38.html


HTH

Narayan

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
royalblues Sun, 12/23/2007 - 07:37
User Badges:
  • Green, 3000 points or more

Crypto access list is fine but the access-list configured on the interface is also referencing the same access-list which is wrong.


Since you do not have the sysopt connection permit-IPSec command configured, you would be required to allow the IPsec traffic in your access-lists applied on the interface


Have a look at this link for a PIX-to-PIX IPSEC config example

http://www.cisco.com/warp/public/110/38.html


HTH

Narayan

Actions

This Discussion