SQL Cluster Issues

Unanswered Question
Aug 6th, 2009

We have our Primary site and Backup site connected through varoius routers and a PIx at each site. From our Backup Site we can connect to the two Physical host servers of the SQL CLuster, But are unable to connect to the Virtual Address. After doing some searching, I can see the packets getting to the PIX 515 at the Primary site, but this traffic does no leave the PIX. THe logs show no reason why this would be blocked, and all ACL's permit these hosts to communicate. Would anyone have an idea on how to troubleshoot this issue.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
sbilgi Wed, 08/12/2009 - 13:12

The inability to pass data on an established IPsec tunnel between a VPN Client and a PIX is frequently encountered when you cannot ping or Telnet from a VPN Client to any hosts on the LAN behind the PIX. In other words, the VPN Client and PIX cannot pass encrypted data between them. This occurs because the PIX has a LAN-to-LAN IPsec tunnel to a router and also a VPN Client. The inability to pass data is the result of a configuration with the same access control list (ACL) for both the nat 0 and the static crypto map for the LAN-to-LAN IPsec peer.



This Discussion