Hi, I've posted several times here requesting help. A few of those times I was asked to post my configs but I'm wondering if anyone ever looks at them. Usually, I just get a link to a config example which doesn't really help me since I already used specific examples to configure the systems (trying to create a static tunnel between two sites to be specific - I followed the Spoke-to-Client examp. pretty closely but I can't establish a the static tunnel. I don't know what I'm doing wrong. When I run:
show crypto isakmp sa
...at the main site (while trying to ping the other side), I see the following:
PIX515E# show crypt isakmp sa
Active SA: 1
Rekey SA: 0 (A tunnel will report 1 Active and 1 Rekey SA during rekey)
Total IKE SA: 1
1 IKE Peer: xxx.xxx.152.117
Type : user Role : initiator
Rekey : no State : MM_WAIT_MSG2
...but it eventually times out. I don't know what I'm doing wrong or how to debug the issue.
Please help - I'm willing to pay somebody to help me get the tunnel up.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...