Site-to-Site / Static-to-Dynamic VPN Pix515e-RV085 impossible to connect
Here is the state of our Network now:
We have a configuration type Client-to-Site between a Pix Firewall 515e with a static IP and VPN Client V5.0.
There's a DMZ for a webserver and an access to our network on the other interface for our co-worker.
The pool contents 10 adresses 192.168.0.200 to 192.168.0.210 (Small infrastructure)
Firewall contents some ports routing for RDP Clients, SMTP, VPN Pool and Internet Traffic.
There's 2 IPSec profiles, one for the users and the other for the management.
The management is configured with a Splittunnel mode.
The IKE Policies is dynamic with 3DES, sha D-H Group 2 and pre-share.
We are trying to add on our Pix 515e a Site-to-Site configuration with on the other side a RV082 with dynamic IP.
We would like to set-up like a transparent bridge over Internet (a part of IP Adress in one site and the rest in the other site).
All addresses are set manually.
The configuration from the RV082 is really easy with a Gateway-to-Gateway.
WAN1 with DHCP
Local Security IP Only and IP Range 192.168.0.166 to 192.168.0.254 (The internal address from the router)
Remote Security IP Only and IP Range 192.168.0.0 to 192.168.0.149
The future Pool on Pix Firewall will be 150 to 165
IKE Pre-sharedkey, Phase 1 et 2 are equal with the configuration (DES, MD5 Group1)
Few day ago, we have tried to change the Parameters of the Pix to fit with the new routers configuration (new pool, new IKE Policies, new Ipsec connection's profile and when we have applied there was a big problem with an error message
IKE initiator unable to find policy: Intf inside, Src: xx.xxx.xx.xxx, Dst: xxx.xx.x.xxx
But the worst all the people lost Internet and the different VPN's connections were lost.
Before we have saved the configuration (cfg file) and in panic mode we have tried to restore.........
another problem the configuration restore option search a zip file (ADSM 6.1)
By chance, we have rebooted the Cisco Pix Firewall, the informations weren't saved on the flash!
Someone can explain me this problem, about the Backup and Restore on ADSM, because i don't understand.
And Something better what is the solution for this IKE Pre-sharekey Error.
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...