Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX VPN tunnel changes from L2L to User

I have a Pix 515E running v7.2. I can configure a site-to-site VPN and it works. I configure the next and it swings from L2L to User and fails, sometimes it will start as L2L then after about 8hours it becomes User and fails. If I configure a third it comes up as either L2L or User. I had no problems with 6.3. Help please

5 REPLIES
New Member

Re: PIX VPN tunnel changes from L2L to User

sorry what do you mean by changing from l2l to user.

Is the username and pasword prompt/ Xauth

Regards

New Member

Re: PIX VPN tunnel changes from L2L to User

IKE Peer: 213.123.155.41

The tunnels are site-to-site and should be as follows.

Type : L2L Role : initiator

Rekey : no State MM_ACTIVE

2 IKE Peer: 213.123.166.33

Type : L2L Role : initiator

Rekey : no State : MM_ACTIVE

But every now and again the second tunnels changes to

IKE Peer: 213.123.166.33

Type : User Role : initiator

Rekey : no State : MM_WAIT_MSG2

and stops working

Gold

Re: PIX VPN tunnel changes from L2L to User

can you post a config?

New Member

Re: PIX VPN tunnel changes from L2L to User

Thsi is my config. I have added a cisco vpn client configuration, but it happens regardless of wether the client is configured or not

New Member

Re: PIX VPN tunnel changes from L2L to User

Hi,

Can not see anything wrong apart

tunnel-group-map default-group DefaultL2LGroup

This will make most connection look like site to site if it can not resolve the tunnel group that the connection belongs to .

May try upgrade .

Regards

451
Views
0
Helpful
5
Replies