Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
309
Views
0
Helpful
1
Replies

PIX Ver 7.0 VPN Issue

rohit_s
Level 1
Level 1

‎01-09-2006 10:12 PM

PIX 535 with Ver 7.0(4) is used for multiple IPSEC VPN Tunnels. One of the Tunnel to a particular Location gives below problem: -

One of the IP Subnet (10.201.0.0) across the VPN Tunnel stops responding. Though the VPN tunnel remains up and also the other subnets across the same Tunnel to same location are reachable, only one subnet goes down. This happens randomly.

Subnet starts pinging after reloading PIX.

Attached here the Show Run of PIX with Problematic Tunnel config mark RED.

Labels:
0 Helpful
1 Reply 1

jackko
Level 7
Level 7

‎01-10-2006 10:17 AM

i believe the issue is not the local pix. it's a bit hard to say that the local pix does everything right but one subnet.

i suggest you to verify the remote peer device.

on the local pix, do "sh cry ips sa" to verify the number of packet being encrypted/decrypted, and do "deb ic t" to verify whether the echo request and reply flow.

0 Helpful
Customers Also Viewed These Support Documents