02-09-2009 11:45 AM - edited 03-11-2019 07:47 AM
Hopefully someone can help with a termination issue I'm having with a PIX-515e firewall; software version 6.3.4, pdm version 3.0.2.
We're getting constant vpn termination errors (reason 412 and 413) from a group of users at one location. I am by no means a pix guru, but I've verified that nat-t is configured. I can't figure out how to determine if there is a group policy set. I'd be happy to post or email the current config if that will help - it's about 150 lines long.
02-09-2009 02:24 PM
Go ahead and post it, we need to see if you are missing some lines there
02-10-2009 01:23 PM
02-10-2009 01:32 PM
Well it all looks good on your config, can you turn on the following debugs?
debug crypto isakmp
debug crypto ipsec
02-12-2009 10:03 AM
Using the CLI, I entered the two commands you listed. But, I'm not sure what to do next.
02-12-2009 10:04 AM
You need to get a vpn client to try to connect to your pix to generate debug logs
03-04-2009 05:53 AM
Now that the debug logs have been enabled for several weeks, where do I find the log files?
03-04-2009 06:56 AM
If you did not set any syslog servers, you need to get the output of the show log, however this log is a circular buffer most likely some events have been overwritten.
03-04-2009 09:07 AM
And how exactly do I get the output of the show log?
03-04-2009 09:11 AM
on CLI you type "show log"
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: