Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Weird L2L Problem

I have a site to site that was previously up and working but it is not now. An ASA is on the side I control and a PIX is on the other end. The weird thing is isakmp seems to be up but not ipsec, as below

ASA5510# sh crypto isakmp sa

IKE Peer: x.x.x.x

Type : L2L

Role : responder

Rekey : no

State : MM_ACTIVE

ASA5510# sh crypto ipsec sa peer x.x.x.x

There are no ipsec sas for peer x.x.x.x

When I try to go across the tunnel I get no matches on the acl but there are hit counts from when it was previously working and a debug seems to reveal nothing.

I find it weird that there is no output for the ipsec sa. Does anyone have any ideas? Thanks.

3 REPLIES
New Member

Re: Weird L2L Problem

Any ideas??? Even one would be helpful, thanks.

New Member

Re: Weird L2L Problem

Remove crypto map from outside interface and apply it again and then check, if still won't work then reapply the whole configurations and then check, still won't work then try to find bug for the software image.

New Member

Re: Weird L2L Problem

I have already tried the first two so I guess I will have to go through the bug tool kit or the open caveats for asa8.2. Thanks a lot for your response.

113
Views
0
Helpful
3
Replies