PIX & VPN Concentrator LAN-to-LAN Tunnel Disconnected

Discussion in 'Cisco' started by elinor, Nov 16, 2006.

  1. elinor

    elinor Guest

    We connect to other branch offices using a Cisco VPN concentrator
    (Cisco Systems, Inc./VPN 3000 Concentrator Version 4.7.2.C Nov 30 2005
    00:19:31). I am having trouble with LAN-2-LAN connectivity with a PIX
    (I don't know the version or particulars on that device). The tunnel
    can be established but is disconnected every 15-30 seconds, after which
    time it comes back up on its own. No traffic, though, has been able to
    pass through that tunnel. I maintain no NATs that would affect any of
    the addresses for this tunnel. The other party, however, is NAT-ing
    their privately addressed host to a public address. I include this
    here because I found a German forum that referenced my exact error
    message and that spoke of NATs and nat traversal. The errors that I am
    seeing in my concentrator's log are as follow:

    Nov 16 08:50:50 searchbridge-priv 7249 11/16/2006 08:48:32.180 SEV=4
    AUTH/22 RPT=10408 User [public ip address] Group
    [public ip address] connected, Session Type: IPSec/LAN-to-LAN
    Nov 16 08:50:50 searchbridge-priv 7251 11/16/2006 08:48:32.180 SEV=4
    AUTH/84 RPT=10408 LAN-to-LAN tunnel to headend device public ip
    address connected
    Nov 16 08:51:22 searchbridge-priv 7450 11/16/2006 08:49:04.200 SEV=4
    AUTH/23 RPT=10398 public ip address User [public ip address] Group
    [public ip address] disconnected: duration: 0:00:32

    The public IP address is always the peer address of the PIX. Thanks in
    advance. Elinor
    elinor, Nov 16, 2006
    1. Advertisements

  2. www.BradReese.Com, Nov 16, 2006
    1. Advertisements

  3. elinor

    elinor Guest

    thanks i have followed those steps both for setup and troubleshooting
    elinor, Nov 16, 2006
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.