10-28-2003 09:05 PM - edited 02-21-2020 12:50 PM
We have a customer who is using PIX525 and CISCO1720 (with VPN Accelerator) for site-to-site VPN.
It has been working fine for more than a year when it suddenly stop functioning. When we did a "sh cryp ipsec sa", the tunnels were still alive and active, except, there were no decap and decrypt packets. We verified the PIX and routers configuration to make sure that there were no unintended changes. We tried tearing down the tunnels and re-establishing them - but still the same.
Anyone with a similar experience to share ?
10-29-2003 07:35 AM
Just make sure that the remote end node is still permitting the particular traffic that you are sending. Your local end seems to be ok since it's encrypting packets but no decrypting because it receiving no replys.
10-29-2003 10:45 PM
This setup has been working for more than a year.
One of the first thing we did was to compare the configurations of the PIX and routers, with the last saved working configurations. But we didn't find any discrepancies that will cause the VPN to fail.
05-14-2017 07:08 AM
I have had issues where the ISP router had to be rebooted.
Thanks,
Alex
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide