Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Problem creating Site-to-Site VPN between ASA 5510 8.0(3)and PIX 506 6.3(5)

Hi,

I am trying to set up a Site-to-Site VPN between ASA 5510 and a number of PIX 506E and PIX 501. The PIX 506E at the Headoffice is being swapped with two ASA5510 configured in Active-Standby.

I created the L2L VPN on ASA with the ASDM. But I couldn't get the ASA to establish VPN tunnels with the PIXs.

I saw that on the ASA config that PFS is enabled by default when I created the VPN using ASDM.

PFS is not enabled on the PIXs. Can this affect establishing VPN tunnels between the ASA and the PIXs? Or, is there something else that could be missing out?

1 REPLY

Re: Problem creating Site-to-Site VPN between ASA 5510 8.0(3)and

Adekunle,

pfs needs to coinside at both ends, if enabled at one end the other end needs to be also enabled.

pix-to-pix l2l http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00805a87f7.shtml#pfs

Sometimes if good to understand what psf does Im providing a very good link for reference.

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_tech_note09186a0080094203.shtml#intro

HTH

-Jorge

215
Views
4
Helpful
1
Replies
CreatePlease to create content