I have a PIX501 at our coperate offices running a 3des vpn in it. When I try to establish a PIX to PIX tunnel between it and our manufactoring site the 501 crashes when I put the following statment in "crypto map mymap 11 ipsec-isakmp". Is there a limitation on the 501 for ipsec tunnels?
Does it crash or just stop passing traffic? If it stops passing traffic, then this is expected behaviour when you have an incomplete crypto map on the interface. The PIX thinks all traffic should be encrypted and stops passing any traffic thorugh it. To resolve this make sure you remove the command:
> crypto map mymap interface outside
from the PIX before you try and add the new crypto map.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...