Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

PIX and VPN problem

Hello,

I have a pix 506 with multi VPN, but with one, the tunnel is OK but it create multi time and i have the error on the bebug view :

ISAMKP (0): received DPD_R_U_THERE from peer FWCS

ISAMKP (0): DPD_R_U_THERE: received seq_no 296113268 out of range, expected 229004405

I can have 10 and more tunnel (sho cryp isa sa ) for the same peer.

Pascal.

3 REPLIES
Silver

Re: PIX and VPN problem

I am afraid whether it is possible to set up the VPN failover the way you need with a 506 at this time. It is a possibility for any pix that you can load version 7.0 on. Right now that would be for the 515's and higher. 7.0 software has the ability to re-route traffic on the outside interface. So better, you first verify with this issue.

Bronze

Re: PIX and VPN problem

Hi

PIX 506 E supports 25 site 2 site or remote access tunnels at a single point of time. I would request you to kindly upload the config of PIX along with the full debug messages, so that we can have a look at it.

thanks and regards

aashish C

New Member

Re: PIX and VPN problem

Hi,

I would suggest that have you applied proper access-list on each site 2 site VPN ISAKMP configuration. If you have 3 site 2 site VPN, make sure that proper access-list is defined so that appropriate traffic is generated and tunnel is formed.

Regards,

Rakshit

153
Views
0
Helpful
3
Replies