Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
253
Views
0
Helpful
1
Replies

PIX 7.0 to MS ISA 2006 VPN

g.leonard
Level 1
Level 1

‎05-14-2008 06:33 AM - edited ‎03-11-2019 05:45 AM

Strangely the ISA Server is using a dynamic crypto map instead of the crypto map that I have configured for it?

Anyone seen this before?

Have checked settings and both ISA and PIX are using same settings for Phases 1 and 2.

Has anybody actually setup a VPN between these two. Have read lots of theory but no evidence of it actually working?

Many thanks

Labels:
0 Helpful
1 Reply 1

smahbub
Level 6
Level 6

‎05-20-2008 06:21 AM

Check if the command "crypto map map-name seq-num [ipsec-isakmp] [dynamic dynamic-map-name] [discover] [profile profile-name]" with "dynamic" option is used as this will make the dynamic map to be used instead of the crypto map configured.

Dynamic option specifies that this crypto map entry is to reference a preexisting dynamic crypto map. Dynamic crypto maps are policy templates used in processing negotiation requests from a peer IPSec device. If you use this keyword, none of the crypto map configuration commands will be available.

Try using "crypto map map-name seq-num [ipsec-manual]"

Refer teh following url for more information about this command:

http://www.cisco.com/en/US/docs/ios/12_3/security/command/reference/sec_c2g.html#wp1073142

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card