site to site and remote access inpix 515e

Unanswered Question
Jun 20th, 2009
User Badges:

i have pix 515e configured with remote access connection,it is working fine.,now there is requirement to configure site to site connection also, but once i configure crypto map for the site to site ,and try to connect using remote access ,am able to connect but not able to ping the internal network,the crypto map for static is of lower number ,am attaching the config,please advise me,i have to remove the config for crypto map site to site ,so that the remote access works fine again.


please advise me how to configure pix to have both site to site and remot acces,


it is pix 515e with pix ios 6.3(5)



Attachment: 
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Patrick0711 Sun, 06/21/2009 - 20:39
User Badges:
  • Bronze, 100 points or more

The nat-exempt access-list (102) is also referenced by the crypto map.


You must specify a separate access-list for your site-to-site VPN encryption domain.



shajil Mon, 06/22/2009 - 12:53
User Badges:

thanks so much for the reply,now site to site confgiured between site a and b,when try to ping tunnel getting up,but no ping replies,i see packets get encrypted in show ipsec sa,am attaching the configs please verify and advise what is the problem



Attachment: 

Actions

This Discussion