cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
314
Views
0
Helpful
2
Replies

Can't do ISAKMP & fixup protocol esp-ike. I need a work-around HELP

insccisco
Level 1
Level 1

I have a pix where I have the "fixup protocol esp-ike" enabled. In this pix, I am trying to set it up as VPN Lan-to-Lan, so the first line I try is "isakmp enable outside", but as soon as I type it, it tells me

ISAKMP cannot be enabled since fixup protocol esp-ike is enabled. Please correct your configuration and re-issue the command

I read that NAT-traversal can perhaps fix this, but I already tried it. I typed "isakmp nat-traversal 3600" and it went OK. I then tried the "isakmp enable outside" again but it gave me the same error message

So I don't know what to do at this point

any help please?

thanks

2 Replies 2

globalnettech
Level 5
Level 5

Hello,

are you using PAT on your PIX by any chance ? If so, both commands indeed are not compatible. Can you post the configuration of your PIX ?

Regards,

GNT

No, PAT is not being used in my pix. Only NAT. My pix 506e acts as a NAT device.

I have read that the 2 commands aren't compatible, so I was asking if there is a work-around that someone can help me with?

thanks

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco