I've had a set of PIX 506E boxes holding an IPSEC tunnel for a good year or so without a hitch. Today, the tunnel dropped and I lost access to the remote site. The local PIX can only ping devices on the local [inside] subnet and all nodes on all my other subnets can't find a route to the PIX. On the local gateway, I can ping the PIX, but can't traceroute to it. I also ran an ICMP debug and could see when remote nodes ping, but the reply doesn't leave the box.
Nothing has changed, routes all look good, i've reset everything -- no luck at all. Any idea what may be happening? I have a feeling it's a basic issue that looks more complex that it is, but i'm stumped at this point.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...