Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How do i start VPN l2l initialization?

hey there!

I have two PIX501e and trying to set up a LAN2LAN. i have all the settings in place, but for some reason its not negotioating the connection. Is there an enable command to negotiate? i have crypto enabled on both outside interfaces

1 ACCEPTED SOLUTION

Accepted Solutions
Bronze

Re: How do i start VPN l2l initialization?

You need to initiate traffic from one end to the other in order for the tunnel to build. The traffic you need to generate is defined within the encryption domain. So, if you're tunneling traffic using RFC1918 IPs (ie. 192.168.x.x), be sure to ping that IP and not the public (or vice-versa).

The encryption domain defines 'interesting traffic', or traffic that the firewall determines should be passed over the tunnel and not through the Internet (or any other interface).

James

2 REPLIES
Bronze

Re: How do i start VPN l2l initialization?

You need to initiate traffic from one end to the other in order for the tunnel to build. The traffic you need to generate is defined within the encryption domain. So, if you're tunneling traffic using RFC1918 IPs (ie. 192.168.x.x), be sure to ping that IP and not the public (or vice-versa).

The encryption domain defines 'interesting traffic', or traffic that the firewall determines should be passed over the tunnel and not through the Internet (or any other interface).

James

New Member

Re: How do i start VPN l2l initialization?

You are right!

Funny thing i was pinging the other device and still nothing, however, when i started AT the other device and pinged me, the tunnel came right up. i guess i was pinging from the wrong side

thank you again!

347
Views
0
Helpful
2
Replies
CreatePlease login to create content