I setup a site-site VPN between PIX on my end and a IBM OS/390 on the other end. I also have a dynamic VPN setup for remote users. The dynamic VPN is working fine . I have a problem with the site-site VPN in that when I initiate the tunnel , it works but when the other end tries it , it does not work. However , the thing I find interesting is that I have included the address of the outside interface on the PIX as part of the interesting traffic , and when the other end initiates a tunnel to the outside interface that works but not to the inside host.I tried a lot of things like changing lifetime, removing NAT eeven thouhgh I'm using NAT 0 . I had the inside and outside addresses translated to be the same. I have no clue now on how to make this work. I have attached a sample config which is similar to the one I use.
Any help would be appreciated.
x.x.12.3 is the OUTSIDE interface and the other end is y.y.4.9.The host to which y.y.4.9 needs to connect is x.x.84.9
access-list WRAIR permit ip host x.x.49.100 x.x.110.0 255.255.255.0
access-list WRAIR permit ip host x.x.68.218 x.x.110.0 255.255.255.0
access-list WRAIR permit ip host x.x.84.9 host y.y.4.9
access-list MEPCOM permit ip host x.x.12.3 host y.y.4.9
access-list MEPCOM permit ip host x.x.84.9 host y.y.4.9
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...