02-12-2002 12:11 PM - edited 02-21-2020 11:36 AM
Has anyone had any luck in getting a gateway-to-gateway VPN up between a PIX 515 6.0.1 and a Symantec VPN Appliance 100 (Nexland OEM)?
We've tried IKE pre-shared DES ESP MD5 with no luck.
02-19-2002 06:55 AM
Since there has been no response to your post, it appears to be either too complex or too rare an issue for other forum members to assist you. If you don't get a suitable response to your post, you may wish to review our resources at the online Technical Assistance Center (http://www.cisco.com/tac) or speak with a TAC engineer. You can open a TAC case online at http://www.cisco.com/tac/caseopen
If anyone else in the forum has some advice, please reply to this thread.
Thank you for posting.
02-19-2002 07:42 AM
Thanks, but I already contacted TAC, and ended up solving this issue (and all my other ones) before they could respond.
The short answer is if you are using this device with a PIX to make a Lan-to-Lan tunnel, and you are using DES MD5 in pre-share mode for key exchange, then you have to set a ISAKMP policy on the PIX that uses "Group 1" compression rather than Group 2 (which I believe is the default.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide