Troubleshooting problem with PIX-PIX Site-Site VPN.
I have a PIX to PIX VPN between my hub pix and a remote spoke.
The connectivity on this link through the vpn is very unstable and if i ping through the tunnel to a device on the remote network, icmp packets are dropped on a regular basis. If however I allow icmp through the firewall and ping to the static NATed global address of the same device on the remote network then icmp work consistently.
It appears that the tunnel is randomly dropping packets.
I don't know how to continue, I have asked the ISP to check the line and according to them all appears to be ok.
All of the other tunnels to the hub site are working correctly, we have connections to another 20 sites via vpn with the PIX as the central hub.
Please, any ideas on how to troublshoot further would be greatly appreciated.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...