
getting the following errors between lan2lan VPN: %PIX-2-106001

Mrkaprino
Level 1

Hi, I am getting the following errors when trying to ssh between 2 servers over the VPN tunnel. I see it is going out of my acl_inside access-list but I do not see it reaching the VPN access list. There is no natting between the 2 IPs.

# no natting for 10.13.36.0 subnet to 10.2.0.0 subnet

access-list nonat extended permit ip 10.13.36.0 255.255.254.0 10.2.0.0 255.255.192.0

# acl_in access list

access-list acl_in line 4 extended permit tcp host 10.13.37.245 host 10.2.12.202 (hitcnt=28)

access-list acl_in line 31 extended permit ip 10.13.36.0 255.255.254.0 10.2.0.0 255.255.192.0 (hitcnt=462)

# VPN access list

access-list XO_access_in line 5 extended permit tcp host 10.2.12.202 eq ssh host 10.13.37.245 (hitcnt=0)

%PIX-2-106001: Inbound TCP connection denied from 10.13.37.245/58736 to 10.2.12.202/22 flags SYN on interface inside

# show version

Cisco PIX Security Appliance Software Version 7.0(4)

Device Manager Version 5.0(4)

Compiled on Thu 13-Oct-05 21:43 by builders

System image file is "flash:/pix704.bin"

2 Replies

acomiskey
Level 10

Any chance of getting more complete configs?

Here is the config minus the private information. I am just trying to ssh to 10.2.12.202 from 10.13.37.245 via the UK VPN tunnel. There should be no NATing, as well.

Thanks,

Kap
