RE: VPN - IPSec over TCP on PIX vs ASA - both ver 8.03 -

From: Rik Guyler (rik@guyler.net)
Date: Tue Feb 05 2008 - 19:56:51 ARST

• Next message: Joseph Brunner: "RE: Route preference"
• Previous message: Joseph Brunner: "RE: CCIE# 20000 ??"
• Maybe in reply to: Andrew Larkins: "RE: VPN - IPSec over TCP on PIX vs ASA - both ver 8.03 -"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Bah! Real men use debugs! ;-)

Rik

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Radioactive Frog
Sent: Tuesday, February 05, 2008 12:48 AM
To: Andrew Larkins
Cc: Andrew Shin; mdestienne@yahoo.com; ccielab@groupstudy.com;
cisco@groupstudy.com; security@groupstudy.com
Subject: Re: VPN - IPSec over TCP on PIX vs ASA - both ver 8.03 - strange
problem only working on PIX and not ASA - UDP works on both!

Andrew,
Config looks same, no issue with it.
The only advise I can give you is to mirror a switch port which is facing to
the router or WAN port and capture the traffic. That will give you some
clue...
Also have you considered upgrading /downgrading the IOS? I don't think it is
a IOS bug as this important function must have been tested in the Cisco lab
before they released the software.

Also have you tried using Object based policy?

Cheers
frog

• Next message: Joseph Brunner: "RE: Route preference"
• Previous message: Joseph Brunner: "RE: CCIE# 20000 ??"
• Maybe in reply to: Andrew Larkins: "RE: VPN - IPSec over TCP on PIX vs ASA - both ver 8.03 -"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Mar 01 2008 - 16:54:47 ARST