After PIX upgrade from 6.3 to 7.2(2) VPN doesn?t work
I have configured site-to-site VPN between PIX and router 871. After upgrade to version 7 , I am not able to access the remote network. I am using ver 7.2(2) in the pix and IOS ver 12.4(6)T2 in the router. The ACLs for no nat and encryption are :
access-list encryp permit ip 172.16.0.0 255.240.0.0 192.168.130.0 255.255.254.0
access-list encryp permit ip 192.168.0.0 255.255.255.0 192.168.130.0 255.255.254.0
access-list nonat permit ip 172.16.0.0 255.240.0.0 192.168.128.0 255.255.128.0
access-list nonat permit ip 192.168.0.0 255.255.255.0 192.168.128.0 255.255.128.0
Is possible that the pix OS ver 7 do not support this ACLs type (IP class B with mask /12 or IP class C with mask /17 ??
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...