09-16-2005 07:44 AM
We've a pair of PIX firewalls in failover mode with a few configured VPN connections to external sites that we occasionally use.
Since upgrading to 7.0(2) from 6.3(4), these connections have stopped working. Both connections initiated inbound and outbound are affected.
Clues in helping investigate this would be appreciated.
09-21-2005 11:15 PM
The upgrade process did convert your config.
from:
isakmp key ******** address PeerName netmask 255.255.255.255
to:
tunnel-group PeerName type ipsec-l2l
tunnel-group PeerName ipsec-attributes
pre-shared-key *
I found that if you replace the PeerName with it IP address, than it works again!
Don't forget to replace the * with the real key.
10-10-2005 08:04 AM
Since downgraded to 6.3(5) to get the VPN working - planning to upgrade once the need for this VPN goes away.
The config for 7.0(2) had IP addreses in the tunnel-group clauses.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide