Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX 501 site-to-site tunnels?

I have a remote site that is currently setup using a PIX 501 which is setup on a cable modem. That PIX connects back to two of my main sites using a VPN tunnel. The two main sites have a ASA5505, and a ASA5510, one has a 10MB fiber connection the or three T1s trunked together.

Here is the problem. For some reason the PIX 501 keeps dropping the tunnel with the ASA5505. And until I log in and do a clear crypto isakmp sa, the tunnel with that ASA won't come back up so traffic can be sent over it. The ASA5510 site has no problem though.

I examined the connection and it looks like there are some packets being dropped right before the VPN tunnel goes down so I'm guessing some ISP problems with the PIX501 site. But why does the ASA5510 resume its tunnel, and the ASA5505 can't?

Any help would be greatly appreciated. thank you.   

New Member

Re: PIX 501 site-to-site tunnels???????

Had the problem again this morning. It seems as though the ASA's can generate traffic to the PIX, but the PIX refuses to unless I do a clear crypto isakmp sa.

Any wonderful clues or help out there??

Here is some more info..

CreatePlease to create content