Has anyone run across the situation where you see multiple phase 1 tunnels in QM_IDLE going to the same peer? We have a VPN configured between a 3745 and a customer's Watchguard firewall. Traffic across the tunnel works fine, but I'm seeing a new phase 1 SA created every few minutes. After a couple of hours it gets up to around 40 ISAKMP SAs. Since the phase 1 lifetime is 24 hours, all these SAs keep piling up. I've verified the phase 2 lifetimes between the two IPsec peers match and we see normal IPsec tunnels with the "sh crypto ipsec sa" command. The Watchguard just shows one ISAKMP SA connection. We already have a project in place to replace the Watchguard with a PIX-515, but I'm just curious if the condition we are in has been seen by others or if I should just consider it a vendor issue between Cisco and this old Watchguard.
While processing initial contact notify messages, the PIX does not delete duplicate ISAKMP SAs with the peer. This vulnerability can be exploited to initiate a man-in-the-middle attack for VPN sessions to the PIX.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/ and log in using the username and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside interfaces with official IPv6 addresses and set a default route on the outside interface to our router. We have also defined a rule, which also gets hits, to permit TCP from the inside interface to any6.
In Syslog I also se...