PIX VPN newbie

By kswallow ·
Hello. I'm having trouble setting up a site-site vpn connection using a PIX 506E and I wonder if anyone can point if I'm missing something obvious.
It appears that my PIX is not even attempting to put any traffic down my vpn tunnel as I dont see anything happening when using "debug crypto isakmp" (except for a repeat attempt by another site to connect inbound which is not configured for yet - this wouldn't block creating a new outbound connection to another site would it?)

Config is pasted below with the addresses modified and crap removed. It would be great if anyone could suggest reasons why it's not trying to bring up the tunnel.
I'm trying get from to, have been trying pings from the PIX itself.
The pix is not in use for anything else yet.
Thanks in advance for any suggestions!

PIX Version 6.3(5)
interface ethernet0 100full
interface ethernet1 100full
nameif ethernet0 outside security0
nameif ethernet1 inside security100
hostname MyPix
name OtherNet
access-list outside_cryptomap_20 permit ip OtherNet
access-list outside_cryptomap_20 permit icmp OtherNet
access-list inside_outbound_nat0_acl permit ip OtherNet
ip address outside
ip address inside
ip audit info action alarm
ip audit attack action alarm
nat (inside) 0 access-list inside_outbound_nat0_acl
route outside OtherNet 1
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto map outside_map 20 ipsec-isakmp
crypto map outside_map 20 match address outside_cryptomap_20
crypto map outside_map 20 set peer
crypto map outside_map 20 set transform-set ESP-3DES-MD5
crypto map outside_map interface outside
isakmp enable outside
isakmp key ******** address netmask no-xauth no-config-mode
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption 3des
isakmp policy 20 hash md5
isakmp policy 20 group 2
isakmp policy 20 lifetime 86400

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Share your knowledge

Related Discussions

Related Forums