Pix 525 Firewall loses routing for a LAN to LAN VPN through it

Nov 25th, 2009

Hi,

We have a PIX 525 firewall and have many different VPNs through it. However, we have a VPN passed through the PIX between two firewalls, with one firewall in London and the other passed through our PIX firewall and then across a wireless bridge to another firewall. This VPN loses its routing for no reason and at irregular times and gives us the error:

Nov 15 2009 14:37:02: %PIX-6-110003: Routing failed to locate next hop for UDP from inside:62.xx.xxx.x/500 to inside:95.xxx.xx.xxx/500

We have put a static route in for this so it won't lose the route, but this doesn't work, as the error above is after the static route was added. It also sees the route as inside when the static route we added clearly marked it as outside. We have similar setups that work fine but they don't go across the wireless bridge. All web traffic works fine when it loses the hop, just port 500 and now SIP. The wireless bridge is a ligo and doesn't appear to lose packets or have interference issues.

Our IOS is Version 8.0(4).

All the ports are open on our PIX to allow the pass through for the two connecting firewalls.

Can anyone help?

Thanks

Richard Bradfield Wed, 11/25/2009 - 13:53

The only thing I can think of is the wireless bridge. Are you getting any traffic drops across the bridge? How much traffic do you pass across the bridge?

scottmaynard Thu, 11/26/2009 - 02:24

Hi,

Thanks for the reply. I was wondering that, but the traffic loss seems very very low. The capacity of the Wireless Bridge is 70mb and we are passing across it approximately 5 to 10mb max. This is the only thing I can think of, but as the traffic loss is so low I can't think why it would lose the routing, although other connections work fine that aren't using the bridge.

Thanks,
Scott
