Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

VPN issues with Cisco Pix 515's

Hello All,

Here is my issue, I have 2 PIX 515 firewalls...

I am trying to set up a site to site VPN between 2 of our sites...

Both of these firewalls currently are running one other site to site VPN so I know that is working...

I can't get the second site to site to initiate the VPN...when looking over the syslogs I am getting denied packets....

The protected networks are:

172.16.48.0/24 and 172.16.4.0/22

If I try to ping from the Cisco (172.16.48.4) to 172.16.4.5 I get the following syslog:

2 Sep 02 2008 08:59:47 106001 172.16.48.4 172.16.4.5 Inbound TCP connection denied from 172.16.48.4/1231 to 172.16.4.5/135 flags SYN on interface inside

It seems that the tunnel is trying to initiate itself but something is blocking the internal traffic from getting across the VPN.

Not sure what that could be, the other VPN's are working fine.

Any help would be great...

I am attaching a copy of one of the configs...

Let me know if you need the other...

1 ACCEPTED SOLUTION

Accepted Solutions
Green

Re: VPN issues with Cisco Pix 515's

no route inside 172.16.4.0 255.255.252.0 172.16.48.1 1

Removing that route should get you going. Please rate if it does. Similarly, if you have a similar route on the other end, it should be removed as well.

2 REPLIES
Green

Re: VPN issues with Cisco Pix 515's

no route inside 172.16.4.0 255.255.252.0 172.16.48.1 1

Removing that route should get you going. Please rate if it does. Similarly, if you have a similar route on the other end, it should be removed as well.

New Member

Re: VPN issues with Cisco Pix 515's

Yeap, all set... I was actually coming here to say I had figured it out, but thanks for the reply....!

94
Views
0
Helpful
2
Replies
CreatePlease to create content