VPN client breaks the tunnel between sites (not with Cisco)

dmilojevic · ‎07-22-2002

Hello,

I have customer considering replacement of existing SonicWall firewall appliances with Cisco solution. The idea is to install/configure two PIX506E and one PIX515 (with DMZ), utilizing IPSec and providing access to remote users over Cisco’s VPN clients.

The challenge customer currently has is that every time when the VPN client accesses the network remotely, the firewalls stop processing IPSec and VPN tunnel between two peers brake down. The only solution to establish connectivity is to restart firewalls on both sides. This start happening when the firewalls’ firmware have been upgraded.

I would like to know if you heard about this problem in Cisco world. Have you had to deal with similar problem(s) using Cisco equipment?

Any feedback would be greatly appreciated.

Regards,

awaheed · ‎07-22-2002

Hi,

My recommendation would be to open up a TAC case on this, they might be able to find an exact bug for this in the version you are running and provide you with a fix right away.

Regards,

Aamir

paqiu · ‎07-22-2002

I think the issue you are talking anout is regrading to SonicWall firewall.

For PIX firewall, the LAN to LAN tunnels and remote access clients will not confict to each other.

For example, you central site PIX 515 building up two LAN to LAN tunnels with two PIX 506E. Those two tunnels passing traffic all the time.

In the meanwhile, some VPN clients connecting the PIX 515 through remote-access VPN, it would not affect the LAN to LAN tunnels.

We have many customers doing that on the PIX, routers and VPN 3000 concentrators. That is no problem for sure.

Best Regards,