My goal here is have 10.99.0.0 (corporate) and the remote site of 10.42.0.0 talk to each other. My config is perfect. Outside interfaces can at least pass traffic to each other. My pix 501 on the remote side can increment its access-lists fine. Even though the tunnel cannot complete.
Now at corporate traffic from any host on 10.99.0.0 still can not increment the access_list. Im wondering if I need some sort of access-list on the inside interface to allow traffic through. I know the traffic is at least getting to the pix ( i checked my syslog)..but its getting denied.
here is the line in syslog that got me thinking about the inside interface.
I had a route statement on the pix that didnt belong. Now that thats gone..everything seems to be incrementing. One question though. I thought my access-lists were allowing everything to flow back and forth to each other. I cant seem to ping the other segment though. IPSEC tunnel is up and running.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...