- Bronze, 100 points or more
I have a site to site that was previously up and working but it is not now. An ASA is on the side I control and a PIX is on the other end. The weird thing is isakmp seems to be up but not ipsec, as below
ASA5510# sh crypto isakmp sa
IKE Peer: x.x.x.x
Type : L2L
Role : responder
Rekey : no
State : MM_ACTIVE
ASA5510# sh crypto ipsec sa peer x.x.x.x
There are no ipsec sas for peer x.x.x.x
When I try to go across the tunnel I get no matches on the acl but there are hit counts from when it was previously working and a debug seems to reveal nothing.
I find it weird that there is no output for the ipsec sa. Does anyone have any ideas? Thanks.