VPN tunnel problem

ajinkya.k · ‎07-13-2008

hello ,

I have PIX 515E PIX

I have changed my tunnel peer ip from peer from 195.11.199.144 to 195.11.204.5

After chenging the peer ip my existing tunnel goes down and i get following error.

195.11.204.5 X.X.X.226 MM_NO_STATE 0 0

Kindly help me out to overcome this issue.

-Ajinkya Kulkani.

a.alekseev · ‎07-13-2008

Why are you going to change peer's ip address?

ajinkya.k · ‎07-13-2008

Hi a.alekseev

This is my customer reqirement.

Ajinkya

a.alekseev · ‎07-13-2008

so both of you must do some modifications.

you need also set pre-shared key for the new peer's address

[Pls RATE if HELPS]

ajinkya.k · ‎07-13-2008

I hve allready configured following configuration.

no crypto map newmap interface outside

no crypto map newmap 171 set peer 195.11.199.144

no isakmp key ********* address 195.11.199.144 netmask 255.255.255.255 no-xauth no-config-mode

crypto map newmap 171 set peer 195.11.204.5

isakmp key ******** address 195.11.204.5 netmask 255.255.255.255 no-xauth no-config-mode

clear crypto ipsec sa

clear crypto isakmp sa

crypto map newmap interface outside

Setting were applied successfully however Still VPN tunnel is not been initiated.

a.alekseev · ‎07-14-2008

Ask your client...

Have they the configuration changed?

I think that in "isakmp key ******** address 195.11.204.5 netmask 255.255.255.255 no-xauth no-config-mode"

you entered a real key, not just "********"

ajinkya.k · ‎07-14-2008

hi

no configurstion changes has been changed except peer IP add and we entered real keys

not just "******"

-ajinkya

a.alekseev · ‎07-14-2008

so,

debug crypto ipsec

debug crypto isakmp

ajinkya.k · ‎07-14-2008

Hi,

I will check debug command and let you know tomorrow.

Kindly be with me.

Ajinkya