Problems with Tunnel from pix A to pix B

Oct 18th, 2008

VPN Parameters


pix B end point is 66.66.66.66

pix B network is 192.168.50.0/24


pix A will need to make ACL from 172.24.176.9 to host 192.168.50.83 and 192.168.50.86


pix A will need to NAT interesting traffic to 172.24.176.0 /24


pix A

Phase 1

Authentication: Pre-Shared

Encryption: 3DES

Hash: SHA

DH: 1

Lifetime: 86400 sec


Phase 2

ESP encryption 3DES

ESP authentication

Lifetime 28800


pix A


outside 12.12.12.12 /24

inside 192.168.1.2 /24


Problem creating tunnel from pix A to pix B

c-drozd Sun, 10/19/2008 - 06:19

I believe my problem is configuring the ACL properly. If I am correct if the ACL is correctly configured then a tunnel can not be created?

c-drozd Sun, 10/19/2008 - 07:54

Reposting message because of typo. I believe my problem is configuring the ACL properly. If I am correct if the ACL is not correctly configured then a tunnel can not be created?

ajagadee Wed, 10/22/2008 - 16:34
User Badges: Cisco Employee

Yes, you are correct. ACL is what defines the interesting traffic for IPSEC and that is what triggers your IPSEC L2L Tunnel.


Can you post the Pix configuration along with the outputs of "deb cry is" and "deb cry ips"?


Regards,

Arul


*Pls rate if it helps*
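
Added example, not part of the original thread and not Cisco's code: a small checker that parses PIX-style `access-list` lines and reports whether a flow counts as interesting traffic, using the addresses from the question. The ACL name `to-pixB` and the inside host 192.168.1.10 are constructed for illustration; it assumes the crypto ACL is matched against the translated source 172.24.176.9, as the posted parameters require.

```python
import ipaddress

def parse_term(tok):
    """Consume one PIX address term: 'any', 'host A.B.C.D' or 'NET MASK'."""
    if tok[0] == "any":
        return ipaddress.ip_network("0.0.0.0/0"), tok[1:]
    if tok[0] == "host":
        return ipaddress.ip_network(tok[1] + "/32"), tok[2:]
    return ipaddress.ip_network(f"{tok[0]}/{tok[1]}"), tok[2:]

def parse_acl(text, name):
    """Return [(action, src_net, dst_net)] for 'access-list NAME <action> ip ...'."""
    entries = []
    for line in text.splitlines():
        t = line.split()
        if len(t) < 6 or t[0] != "access-list" or t[1] != name or t[3] != "ip":
            continue
        try:
            src, rest = parse_term(t[4:])
            dst, _ = parse_term(rest)
        except (IndexError, ValueError):
            continue  # skip truncated or malformed lines
        entries.append((t[2], src, dst))
    return entries

def is_interesting(entries, src, dst):
    """First match wins; no match is an implicit deny, so no tunnel is triggered."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net in entries:
        if s in src_net and d in dst_net:
            return action == "permit"
    return False

def mirrored(entries):
    """What the peer's crypto ACL should select: same flows, src/dst swapped."""
    return [(action, dst, src) for action, src, dst in entries]

# Constructed ACL (name "to-pixB" is hypothetical) built from the posted parameters.
PIX_A_ACL = """\
access-list to-pixB permit ip host 172.24.176.9 host 192.168.50.83
access-list to-pixB permit ip host 172.24.176.9 host 192.168.50.86
"""
ACL_A = parse_acl(PIX_A_ACL, "to-pixB")

if __name__ == "__main__":
    # 192.168.1.10 is a constructed inside host on pix A's 192.168.1.0/24 network.
    for src in ("172.24.176.9", "192.168.1.10"):
        print(src, "->", "192.168.50.83", is_interesting(ACL_A, src, "192.168.50.83"))
    for action, src, dst in mirrored(ACL_A):
        print("peer side should match:", action, src, "->", dst)
```

A packet that still carries its untranslated 192.168.1.x source falls through to the implicit deny, so it never triggers the tunnel; the mirrored list shows the flows the pix B side would need to select.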
