I have to set up a VPN tunnel between pix 535 and cisco vpn concentrator 3000 series.

There is a problem on the pix 535 side. No packets are being encrypted and sent to the vpn concentrator's end.

Pix has multiple SA's for the same tunnel on PIX. Packets are being decrypted by the pix.

I see transmitted packets but no revceived packets on the vpn concentrator.

here is the configuration on the pix:

isakmp key ******** address 202.125.152.200 netmask 255.255.255.255

isakmp policy 20 encrypt des

isakmp policy 20 hash md5

isakmp policy 20 group 2

isakmp enable outside

access-list inside_outbound_nat0_acl line 1 permit 10.0.1.1 255.255.255.255 192.168.5.1 255.255.255.255

nat (inside) 0 access-list inside_outbound_nat0_acl

access-list outside_cryptomap_20 permit ip 10.0.1.1 255.255.255.255 192.168.5.1 255.255.255.255

crypto map outside_map 20 set peer 202.125.152.200

crypto map outside_map 20 match address outside_cryptomap_20

crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac

crypto map outside_map 20 set transform-set ESP-DES-MD5

crypto map outside_map 20 set security-association lifetime seconds 28800

crypto map outside_map interface outside

sysopt connection permit-ipsec

I see hits on the inside_outbound_nat0_acl Access list. There are not hits on the outside_cryptomap_20 access list.

thank you