I'm working on a tunnel between the PIX and Nortel 4500. However, the tunnel didn't not work, I checked the isakmp SA is established. Looks like it stuck on IPSEC, I checked the ISAKMP & IPSEC parameter are fine. Below is the debug output :
I am having a similar problem. Do you know if the ISAKMP identity can be set on a peer by peer basis? It seems to be a global ISAKMP value, and I have many tunnels already configured successfully, with no desire to change the parameter except for this particular tunnel to a nortel device. Thanks in advance...
I dont think it is possible to set isakmp identity per peer basis. In case if you want to enable isakmp identity address as well as hostname on the same pix/asa, there is command that can do this. But, you need a minimum of 7.0 to enable this configuration.
"isakmp identity automatic"
Determines ISAKMP negotiation by connection type:
IP address for preshared key
Cert Distinguished Name for certificate authentication
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...