cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
342
Views
0
Helpful
3
Replies

Dynamic L2L - Static tunnel not working

guilherme
Level 1
Level 1

Hi,

I must configure a 2821 with one dynamic ipsec peer, one static ipsec peer and vpn clients but I guess I am missing something, I wonder if someone can help me.

I have figured how to configure the devices by following some Cisco VPN documentations but I just can't get the static peer to work, it seem to be asking for Xauth and I can't find a way to bypass it. The dynamic peer and VPN Clients are working perfectly.

Router config and isakmp debugs are attached.

Thanks!

Guilherme

3 Replies 3

auraza
Cisco Employee
Cisco Employee

What about the debugs on the other side? Looks like it could be a pre-shared-key mismatch, because of the way your profiles / keyrings may be set up.

There are the debugs of the other side (PIX 501).

I'm sure that the keys match on both sides.

Any ideas?

Problem solved.

Just had to set "isakmp identity address" on the PIX501 and it worked.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: