Hello
I'm trying to setup a VPN tunnel between a PIX515 and a Linksys BEFSX41. I set the Linksys with the correct info in the VPN windows (3des-md5), and added the PIX setup showe below.
when i trace the PIX logs I see the following log.Any help with a working setup is welcome.
Ileana
ISAKMP (0): Checking ISAKMP transform 1 against priority 20 policy
ISAKMP: encryption 3DES-CBC
ISAKMP: hash MD5
ISAKMP: auth pre-share
ISAKMP: default group 2
ISAKMP: life type in seconds
ISAKMP: life duration (VPI) of 0x0 0x1 0x51 0x80
ISAKMP (0): atts are acceptable. Next payload is 3
ISAKMP (0): SA is doing pre-shared key authentication using id type ID_IPV4_ADDR
return status is IKMP_NO_ERROR
crypto_isakmp_process_block:src:68.209.99.63, dest:216.148.58.253 spt:500 dpt:500
return status is IKMP_NO_ERR_NO_TRANS
ISAKMP (0): retransmitting phase 1 (0)...
crypto_isakmp_process_block:src:68.209.99.63, dest:216.148.58.253 spt:500 dpt:500
return status is IKMP_NO_ERR_NO_TRAN
and at the end
ISADB: reaper checking SA 0x11b552c, conn_id = 0 DELETE IT!
VPN Peer:ISAKMP: Peer Info for xx.xx.xx.xx/500 not found - peers:9
crypto ipsec transform-set chiset2 esp-3des esp-md5-hmac
crypto map chimap 20 ipsec-isakmp
crypto map chimap 20 match address my-tunnel
crypto map chimap 20 set pfs group2
crypto map chimap 20 set peer xx.xx.xx.xx
crypto map chimap 20 set transform-set chiset2
crypto map chimap interface outside
isakmp enable outside
isakmp key ******** address xx.xx.xx.xx netmask 255.255.255.255
isakmp identity address
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption 3des
isakmp policy 20 hash md5
isakmp policy 20 group 2
isakmp policy 20 lifetime 86400
I'm trying to setup a VPN tunnel between a PIX515 and a Linksys BEFSX41. I set the Linksys with the correct info in the VPN windows (3des-md5), and added the PIX setup showe below.
when i trace the PIX logs I see the following log.Any help with a working setup is welcome.
Ileana
ISAKMP (0): Checking ISAKMP transform 1 against priority 20 policy
ISAKMP: encryption 3DES-CBC
ISAKMP: hash MD5
ISAKMP: auth pre-share
ISAKMP: default group 2
ISAKMP: life type in seconds
ISAKMP: life duration (VPI) of 0x0 0x1 0x51 0x80
ISAKMP (0): atts are acceptable. Next payload is 3
ISAKMP (0): SA is doing pre-shared key authentication using id type ID_IPV4_ADDR
return status is IKMP_NO_ERROR
crypto_isakmp_process_block:src:68.209.99.63, dest:216.148.58.253 spt:500 dpt:500
return status is IKMP_NO_ERR_NO_TRANS
ISAKMP (0): retransmitting phase 1 (0)...
crypto_isakmp_process_block:src:68.209.99.63, dest:216.148.58.253 spt:500 dpt:500
return status is IKMP_NO_ERR_NO_TRAN
and at the end
ISADB: reaper checking SA 0x11b552c, conn_id = 0 DELETE IT!
VPN Peer:ISAKMP: Peer Info for xx.xx.xx.xx/500 not found - peers:9
crypto ipsec transform-set chiset2 esp-3des esp-md5-hmac
crypto map chimap 20 ipsec-isakmp
crypto map chimap 20 match address my-tunnel
crypto map chimap 20 set pfs group2
crypto map chimap 20 set peer xx.xx.xx.xx
crypto map chimap 20 set transform-set chiset2
crypto map chimap interface outside
isakmp enable outside
isakmp key ******** address xx.xx.xx.xx netmask 255.255.255.255
isakmp identity address
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption 3des
isakmp policy 20 hash md5
isakmp policy 20 group 2
isakmp policy 20 lifetime 86400