
PIX IDS and VPNs - IP Audit Commands with Site-to-Site VPNs

I have a PIX 515E firewall that has many site-to-site VPNs terminating on the outside interface of the PIX. I want to start utilizing some of the built-in IDS features of the PIX.

I configured the ip audit name (info and action) command and applied the names to the outside interface of the PIX with the ip audit interface command. After configuring the outside interface with the ip audit commands, the PIX immediately began dropping all site-to-site VPN connections terminating on the outside interface of the PIX firewall.

I always back up current configs and always have a back-out plan in place when I make any changes to our PIX firewalls. To back out of the problem ASAP, I immediately reloaded the PIX and in less than 20 seconds, the VPNs started reconnecting to the outside interface of the PIX.

What could have caused the VPNs to be abruptly dropped and stopped working? Is there a command that needs to be applied to the outside interface once the ip audit names are applied to the outside interface (like the "crypto map interface outside" command)?

Thanks.

1 REPLY

Re: PIX IDS and VPNs - IP Audit Commands with Site-to-Site VPNs

I could not find any bugs that might be relevant to this problem. It is likely that you are running into a configuration problem. Make sure that you enter the configuration command properly and in order. If the problem persists, saving your configuration and reloading the device might just work.
