I am trying to get a IPSEC vpn tunnel established between a PIX and a Microsoft ISA server.
Does anybody have any good references for how to configure the PIX to get this working?
The VPN tunnel worked prior to the client replacing the PIX at the head end with an ISA server. Now I am seeing erroneous Security Associations (SAs) on both ends of the tunnel (PIX and ISA). And the tunnel appears to work, but drops off periodically throughout the day. The tunnel is reestablished if the client issues echoes from the head end to the remote location.
The three SA's that are established are:
- LAN to LAN (192.168.1.0/24 - 192.168.100.0/24)
- Remote firewall private to ISA server public interface
- LAN (subnet) to LAN (192.168.100.64/26 - 192.168.1.0/24)
The second and third SA's appear to be erroneous.
Below is the IPSEC configuration from the remote branch PIX:
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...