VPN tunnel problem

Unanswered Question
Jul 13th, 2008
User Badges:

hello ,

I have PIX 515E PIX

I have changed my tunnel peer ip from peer from 195.11.199.144 to 195.11.204.5

After chenging the peer ip my existing tunnel goes down and i get following error.

195.11.204.5 X.X.X.226 MM_NO_STATE 0 0


Kindly help me out to overcome this issue.



-Ajinkya Kulkani.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
a.alekseev Sun, 07/13/2008 - 23:07
User Badges:
  • Gold, 750 points or more

Why are you going to change peer's ip address?

ajinkya.k Sun, 07/13/2008 - 23:10
User Badges:

Hi a.alekseev

This is my customer reqirement.


Ajinkya

a.alekseev Sun, 07/13/2008 - 23:13
User Badges:
  • Gold, 750 points or more

so both of you must do some modifications.


you need also set pre-shared key for the new peer's address


[Pls RATE if HELPS]

ajinkya.k Sun, 07/13/2008 - 23:19
User Badges:

I hve allready configured following configuration.

no crypto map newmap interface outside

no crypto map newmap 171 set peer 195.11.199.144


no isakmp key ********* address 195.11.199.144 netmask 255.255.255.255 no-xauth no-config-mode


crypto map newmap 171 set peer 195.11.204.5


isakmp key ******** address 195.11.204.5 netmask 255.255.255.255 no-xauth no-config-mode


clear crypto ipsec sa


clear crypto isakmp sa


crypto map newmap interface outside


Setting were applied successfully however Still VPN tunnel is not been initiated.



a.alekseev Mon, 07/14/2008 - 00:29
User Badges:
  • Gold, 750 points or more

Ask your client...

Have they the configuration changed?


I think that in "isakmp key ******** address 195.11.204.5 netmask 255.255.255.255 no-xauth no-config-mode"

you entered a real key, not just "********"


ajinkya.k Mon, 07/14/2008 - 01:26
User Badges:

hi

no configurstion changes has been changed except peer IP add and we entered real keys

not just "******"


-ajinkya

a.alekseev Mon, 07/14/2008 - 02:17
User Badges:
  • Gold, 750 points or more

so,


debug crypto ipsec

debug crypto isakmp

ajinkya.k Mon, 07/14/2008 - 03:10
User Badges:

Hi,

I will check debug command and let you know tomorrow.

Kindly be with me.


Ajinkya

Actions

This Discussion