Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Can't do ISAKMP & fixup protocol esp-ike. I need a work-around HELP

I have a pix where I have the "fixup protocol esp-ike" enabled. In this pix, I am trying to set it up as VPN Lan-to-Lan, so the first line I try is "isakmp enable outside", but as soon as I type it, it tells me

ISAKMP cannot be enabled since fixup protocol esp-ike is enabled. Please correct your configuration and re-issue the command

I read that NAT-traversal can perhaps fix this, but I already tried it. I typed "isakmp nat-traversal 3600" and it went OK. I then tried the "isakmp enable outside" again but it gave me the same error message

So I don't know what to do at this point

any help please?

thanks

2 REPLIES

Re: Can't do ISAKMP & fixup protocol esp-ike. I need a work-arou

Hello,

are you using PAT on your PIX by any chance ? If so, both commands indeed are not compatible. Can you post the configuration of your PIX ?

Regards,

GNT

Community Member

Re: Can't do ISAKMP & fixup protocol esp-ike. I need a work-arou

No, PAT is not being used in my pix. Only NAT. My pix 506e acts as a NAT device.

I have read that the 2 commands aren't compatible, so I was asking if there is a work-around that someone can help me with?

thanks

183
Views
0
Helpful
2
Replies
CreatePlease to create content