Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

515-E VPN clear crypto isakmp sa

Hi,

i have a pair of VPN connection from PIX515-E, after issuing the command:

clear crypto isakmp sa

now none of the VPN tunnels come backup again and show isakmp sa - show something like this

mbryonic : 0

dst src state pending created

x.x.x.x x.x.x.x QM_IDLE 0 0

with QM_IDLE status but can not be created (0)

and then a little while later it disappears and this process keeps repeating

show logs on the PIX-515E i am still seeing trafic hitting the firewall.

Reboot peer FW dfoes not sold the problem. What could be likely be the issue ?

1 REPLY
Cisco Employee

Re: 515-E VPN clear crypto isakmp sa

Hi,

Can you post the cry isakmp and deb cry ipsec debugs from both the pixes.

Regards,

Arul

325
Views
3
Helpful
1
Replies
CreatePlease to create content