From: Wright, Jeremy (wright@admworld.com)
Date: Thu Jan 08 2004 - 19:04:13 GMT-3
i have a very basic site to site vpn between 2 pix's. they are cabled back to back. the ip address on the outside interface of pixA is 1.1.1.1/24 and the outside interface of pixB is 1.1.1.2/24. all of my crypto and isakmp parameters are correct and acl's are mirror images of each other. pixA isakmp peer and crypto peer point to 1.1.1.2 and pixB isakmp and crypto endpoints point to 1.1.1.1. i can only get it to work if each pix has a default route pointing to the other pix. shouldnt nat0 and the crypto acl know to point it to the other pix without the default route? the outside ip's are on the same network so they know how to reach each other. thanks
CONFIDENTIALITY NOTICE:
This message is intended for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient or the employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited.
If you have received this communication in error, please notify us immediately by email reply or by telephone and immediately delete this message and any attachments. In the U.S. call us toll free at (800) 637-5843.
Spanish, French, Quebecois French, Portuguese, Polish, German, Dutch, Turkish, Russian, Japanese and Chinese: http://www.admworld.com/confidentiality.htm.
This archive was generated by hypermail 2.1.4 : Mon Feb 02 2004 - 09:07:38 GMT-3