Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
404
Views
0
Helpful
2
Replies

IPSec VPN between PIX and Cisco 877W

Go to solution
pvzcisco07
Level 1
Level 1

‎10-31-2007 11:15 PM - edited ‎02-21-2020 03:21 PM

Hi All,

I am trying to create a VPN tunnel between a PIX and a Cisco 877W but cant seem to get the tunnel up. When I do a 'sho crypto session' on the Cisco 877, I get it said status of session was down, then changed to DOWN-NEGOTIATING, but it is now DOWN again...Please find attached configs for both ends...Are there any commands to confirm that the tunnel is up other than trying to ping the remote end? I would greatly appreciate any help to get this tunnel up.

Regards,

Raj

Labels:
Preview file
2 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
ajagadee
Cisco Employee
Cisco Employee

‎11-02-2007 09:20 AM

Hi,

Based on the attached configurations, there needs to be couple of changes made. For example:

1. The isakmp policies do not match on the router and pix. Make sure that the Hash, DH Group and Lifetime match on the 877 and pix.

2. The access-list for the ipsec traffic has to be mirror images of each other.

3. Make sure that the ipsec lifetime matches on both the peers.

I hope it helps.

Regards,

Arul

Rate if it helps.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
ajagadee
Cisco Employee
Cisco Employee

‎11-02-2007 09:20 AM

Hi,

Based on the attached configurations, there needs to be couple of changes made. For example:

1. The isakmp policies do not match on the router and pix. Make sure that the Hash, DH Group and Lifetime match on the 877 and pix.

2. The access-list for the ipsec traffic has to be mirror images of each other.

3. Make sure that the ipsec lifetime matches on both the peers.

I hope it helps.

Regards,

Arul

Rate if it helps.

0 Helpful

Go to solution
pvzcisco07
Level 1
Level 1
In response to ajagadee

‎11-06-2007 07:16 PM

Hi Arul,

I changed the ACL's and its seems to have fixed the problem. Thanks Heaps for your help.

Regards,

Raj

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents