I work for a company in the US with a parent company in Japan. I'm trying to replace the Netscreen firewall at this end with a new ASA 5510 and have it l2l with the Netscreen that is likely at the other end. Anyone have any ideas?
I figured things out by setting the new ASA up as though it were a seperate building and connecting it to the internet along with my existing Netscreen. I was able to set up a VPN between the ASA and my Netscreen by following the procedure outlined here http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00801c4445.shtml for the Netscreen configuration. I believe the problem is that the Netscreens are currently set up with manual key IKE instead of the autokey IKE outlined in the example. I am now putting together instructions for my counterparts at the Japan end of the connection to change their end of the VPN so I can switch to the new ASA here.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...