Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
341
Views
0
Helpful
2
Replies

site to site with 501

Go to solution
manilla77
Level 1
Level 1

‎11-12-2008 08:55 AM - edited ‎02-21-2020 03:05 AM

Long time reader, first time post.

I am trying to create a site-to-site tunnel between two 501 PIXs. I have rummaged through multiple forums and Cisco white papers and I cannot create this tunnel. Any help would be appreciated.

I have done a debug crypto ipsec and debug crypto isakmp. I get nothing on both sides…just a cursor blinking back at me.

Attached are my configs.

thanks in advance,

Preview file
7 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
ajagadee
Cisco Employee
Cisco Employee

‎11-12-2008 09:24 AM

Hi David,

Couple of things:

1. Make sure that you have logging enabled to see the debugs.

Logging on

Logging Buffered Debugging

2. Also, where are you initiating the IPSEC Traffic. It has to be from a host behind the Pix 501. You cannot initiate IPSEC Traffic from the pix itself.

Regards,

Arul

*Pls rate if it helps*

http://www.cisco.com/en/US/docs/security/pix/pix63/command/reference/gl.html#wp1028090

View solution in original post

0 Helpful
2 Replies 2

Go to solution
ajagadee
Cisco Employee
Cisco Employee

‎11-12-2008 09:24 AM

Hi David,

Couple of things:

1. Make sure that you have logging enabled to see the debugs.

Logging on

Logging Buffered Debugging

2. Also, where are you initiating the IPSEC Traffic. It has to be from a host behind the Pix 501. You cannot initiate IPSEC Traffic from the pix itself.

Regards,

Arul

*Pls rate if it helps*

http://www.cisco.com/en/US/docs/security/pix/pix63/command/reference/gl.html#wp1028090

0 Helpful

Go to solution
manilla77
Level 1
Level 1
In response to ajagadee

‎11-12-2008 09:59 AM

I was just getting ready to reply to my original post. I think by posting, it scared the VPN tunnel into working. Not sure what I did, but its working. I think possibly clearing crypto ipsec sa and clear crypto isakmp sa helped even though I had tried this before. Thank you very much for the quick response.

Case closed!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card