VPN site-to-site not working with PIX 501s

Discussion in 'Cisco' started by John, May 31, 2006.

  1. John

    John Guest

    I have two PIX 501s and they were connected via a vpn. All of a sudden
    the circuit dropped and after rebooting both devices, I ahve not been
    able to reestablish the VPN. I changed the PRE-SHARE key on both and
    changed the transform sets, but no change. Once someone gave me a
    command to reset the crypto key. I am not sure if this is what I need
    to do. Does anyone know the process to do that or can you offer some
    troubleshooting advice?

    Thanks,

    John
    John, May 31, 2006
    #1
    1. Advertising

  2. John

    Vikas Guest

    Hello John,

    When a tunnel drops suddenly both the device will have mismatched
    states of the crypto SA and SPD.
    The best way is to clear the garbage SA in both the PIX and ping.

    The command to clear isa sa would be
    clear crypto isakmp sa (cle cry isa sa)
    and for ipsec
    clear crypto ipsec sa (cle cry ipse sa)

    Hope this will help
    Vikas

    John wrote:
    > I have two PIX 501s and they were connected via a vpn. All of a sudden
    > the circuit dropped and after rebooting both devices, I ahve not been
    > able to reestablish the VPN. I changed the PRE-SHARE key on both and
    > changed the transform sets, but no change. Once someone gave me a
    > command to reset the crypto key. I am not sure if this is what I need
    > to do. Does anyone know the process to do that or can you offer some
    > troubleshooting advice?
    >
    > Thanks,
    >
    > John
    Vikas, May 31, 2006
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Marko Uusitalo
    Replies:
    1
    Views:
    1,485
    Frank Durham
    Apr 11, 2005
  2. Nate Goulet
    Replies:
    8
    Views:
    1,753
    Walter Roberson
    May 15, 2005
  3. Chris
    Replies:
    9
    Views:
    5,585
    John Doe
    Jul 26, 2006
  4. JohnH
    Replies:
    4
    Views:
    1,998
    JohnH
    Aug 18, 2006
  5. pasatealinux
    Replies:
    1
    Views:
    2,001
    pasatealinux
    Dec 17, 2007
Loading...

Share This Page