Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

Remote access issue - a device is blocking between the client and the outside PIX interface

Core issue

Intermediate device is blocking IPSec traffic between the client and the PIX.

Resolution

Perform the following steps.

  1. Issue the show crypto ipsec sa command.
  2. Identify your connection entry.
  3. Check the encrypt and decrypt counters.

If you see no decrypts, there could be a firewall and or packet filter device blocking protocols 50 (ESP) or 51 (AH) between the client and the outside PIX interface.

If you see decrypts and no encrypts, there could be a routing issue on the PIX. Verify that there is a default route set on the PIX, and check the routing table on the PIX. If the problem persists, open a service request at the TAC Service Request Tool.

591
Views
0
Helpful
0
Comments