From: fwells12 (fwells12@xxxxxxxxxxx)
Date: Wed Feb 21 2001 - 04:02:28 GMT-3
Just started playing with security related configs and ran into what =
could be a problem. I setup Fatkids IPSec 393 ( =
http://www.fatkid.com/html/393_ipsec.html ) and all is fine. I =
initially used a wide-open access list before locking it down to =
specifics and it appeared to work OK. I did not get any debug output =
from the following commands though: debug crypto <isakamp/ipsec/engine> =
which I found odd. Some show commands did show that I was encrypting =
though so I guess its working fine.
After changing the access lists to match those in the lab, I found I =
could not ping across the networks any longer. The access lists look =
fine to me. Can anyone see anything wrong with them? =20
The potential problem:
When I changed back to the original fully-open access lists I mentioned =
earlier, I was forced to reboot the routers to have them work correctly =
again. I used the help to see if I could possibly find a command which =
can clear whatever it is that makes me reboot, but alas I didn't find =
anything that worked. Any suggestions?
One more question please...
I attempted to configure another IPSec lab earlier ( =
http://www.cisco.com/warp/public/707/manual.html ) and ran into a =
problem trying to add the 'set security association inbound ...' =
commands. I couldn't even find those options on my IOS. I am running =
12.1.5T. Any thoughts?
Cheers
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:28:55 GMT-3