site-site VPN tunnel between cisco pix 515 E version 7.0(4) and netscreen.

Discussion in 'Cisco' started by Dil, Dec 13, 2007.

  1. Dil

    Dil

    Joined:
    Nov 8, 2007
    Messages:
    3
    not able to establish the site-site VPN tunnel between cisco pix 515 E version 7.0(4) and netscreen.

    please cross check the conf and let me know if i'm worng some where in this conf.

    : Saved
    : Written by enable_15 at 02:13:29.901 UTC Thu Dec 13 2007
    !
    PIX Version 7.0(4)
    !
    hostname cisco
    domain-name cisco.com
    enable password 9jNfZuG3TC5tCVH0 encrypted
    names
    !
    interface Ethernet0
    nameif outside
    security-level 0
    ip address 10.x.x.80 255.255.255.248
    !
    interface Ethernet1
    speed 100
    duplex full
    nameif inside
    security-level 100
    ip address 192.16.25.100 255.255.255.0
    !
    interface Ethernet2
    speed 100
    duplex full
    nameif DMZ
    security-level 50
    no ip address
    !
    passwd 9jNfZuG3TC5tCVH0 encrypted
    boot system flash:/image.bin
    ftp mode passive
    dns domain-lookup outside
    access-list nonat extended permit ip 192.16.25.0 255.255.255.0 172.0.0.0 255.255.255.0
    access-list 103 extended permit ip 192.16.25.0 255.255.255.0 172.0.0.0 255.255.255.0
    pager lines 24
    logging asdm informational
    mtu outside 1500
    mtu inside 1500
    mtu DMZ 1500
    ERROR: Command requires failover license
    ERROR: Command requires failover license
    icmp permit any outside
    icmp permit any inside
    arp timeout 14400
    nat-control
    global (outside) 1 interface
    global (outside) 2 10.x.x.81 netmask 255.255.255.255
    nat (inside) 2 access-list 103
    nat (inside) 1 0.0.0.0 0.0.0.0
    route outside 0.0.0.0 0.0.0.0 10.x.x.77 1
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00
    timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
    timeout uauth 0:05:00 absolute
    aaa-server TACACS+ protocol tacacs+
    aaa-server RADIUS protocol radius
    http server enable
    http 192.16.25.0 255.255.255.0 inside
    no snmp-server location
    no snmp-server contact
    snmp-server community public
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    crypto ipsec transform-set firstset esp-3des esp-md5-hmac
    crypto map arsinmap 10 match address 103
    crypto map arsinmap 10 set peer 13.y.y.8
    crypto map arsinmap 10 set transform-set firstset
    crypto map arsinmap interface outside
    isakmp enable outside
    isakmp policy 1 authentication pre-share
    isakmp policy 1 encryption 3des
    isakmp policy 1 hash md5
    isakmp policy 1 group 2
    isakmp policy 1 lifetime 86400
    tunnel-group 13.y.y.8 type ipsec-l2l
    tunnel-group 13.y.y.8 ipsec-attributes
    pre-shared-key cisco123
    telnet 192.16.25.0 255.255.255.0 inside
    telnet timeout 5
    ssh timeout 5
    ssh version 1
    console timeout 0
    dhcpd lease 3600
    dhcpd ping_timeout 50
    !
    class-map inspection_default
    match default-inspection-traffic
    !
    !
    policy-map global_policy
    class inspection_default
    inspect dns maximum-length 512
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect rsh
    inspect rtsp
    inspect esmtp
    inspect sqlnet
    inspect skinny
    inspect sunrpc
    inspect xdmcp
    inspect sip
    inspect netbios
    inspect tftp
    inspect http
    !
    service-policy global_policy global
    Cryptochecksum:63b2182c7bb9a6a8428d47ba4a32862b
    : end
    thanks in advance.
     
    Dil, Dec 13, 2007
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Martin Nowles
    Replies:
    0
    Views:
    1,076
    Martin Nowles
    Nov 10, 2003
  2. Trouble
    Replies:
    0
    Views:
    779
    Trouble
    Aug 4, 2006
  3. Trouble
    Replies:
    1
    Views:
    591
  4. Jeff
    Replies:
    5
    Views:
    1,190
  5. ozoubi
    Replies:
    0
    Views:
    917
    ozoubi
    Sep 23, 2010
Loading...

Share This Page