L2L vpn networks unreachable randomly

I have a L2L VPN between a PIX (6.3.5) and Juniper. On the PIX side I have 5 networks and on the Juniper side there are 6 networks. All is well most of the time; however, randomly a network will become unreachable. Other networks at this location are reachable, and it is not the same network every time that becomes unreachable. I've worked with both Cisco and Juniper on the issue and have narrowed it down to a rekeying issue. I can log into the PIX and run 'cl cry isa sa' and 'cl cry ips sa' to clear the associations and resolve the issue. My question is twofold: 1) Has anyone experienced anything like this when building a tunnel to a Juniper? 2) I'm not all that good at scripting and wonder if anyone can help me with putting together a script to log into the PIX, get into conf, run the two above commands and then log out?
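For the second question in the post above, one way to script the enable, config, clear, exit dialogue in Python. This is an added example, not part of the original thread; the `chan` object (any already logged-in telnet/SSH session exposing `sendall`/`recv`), the prompt patterns and the failed-enable check are assumptions.

```python
import re

# The two commands exactly as abbreviated in the post; they are sent from config mode.
CLEAR_CMDS = ["cl cry isa sa", "cl cry ips sa"]

class DialogueError(Exception):
    """The device answered with something other than the expected prompt."""

def read_until(chan, good, bad=None):
    """Read from chan until the buffer matches `good`; fail on `bad` or EOF."""
    buf = ""
    while True:
        data = chan.recv(4096)  # on a real socket, set a timeout first
        if not data:
            raise DialogueError("session closed while waiting for %r" % good)
        buf += data.decode("ascii", "replace")
        if bad and re.search(bad, buf):
            raise DialogueError("device rejected the input")
        if re.search(good, buf):
            return buf

def clear_tunnel_sas(chan, enable_password):
    """Drive enable -> config -> clear SAs -> log out on a session at the '>' prompt.

    chan: hypothetical, already logged-in session object with sendall()/recv().
    Returns the commands sent, with the enable password masked, for logging.
    """
    sent = []
    def step(line, good, bad=None, secret=False):
        chan.sendall(line.encode("ascii") + b"\n")
        sent.append("<enable password>" if secret else line)
        return read_until(chan, good, bad)

    step("enable", r"[Pp]assword:\s*$")
    # Assumed failure signs: an "Invalid" message or a second password prompt.
    step(enable_password, r"#\s*$", bad=r"[Pp]assword:\s*$|Invalid", secret=True)
    step("configure terminal", r"\(config\)#\s*$")
    for cmd in CLEAR_CMDS:
        step(cmd, r"\(config\)#\s*$")
    step("exit", r"[^)]#\s*$")   # leave config mode, back at the privileged prompt
    chan.sendall(b"exit\n")      # log out
    sent.append("exit")
    return sent
```

Supply the enable password from a prompt or a secrets store at run time rather than embedding it in the script, and keep the returned command list as the audit record of each run.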




Re: L2L vpn networks unreachable randomly

The problem might be with the IP pool assignment either through ASA/PIX or Radius server. Use the debug crypto command in order to verify that the netmask and IP addresses are correct. Also, verify that the pool does not include the network address and the broadcast address. Radius servers must be able to assign the proper IP addresses to the clients.
