Hi,
I've just installed two cisco 506e firewalls. I've created a site to site VPN by using the VPN wizard on the PDM.
During the day, the remote site seems to be losing VPN connectivity for a short while then coming back up.
Internet browsing is fine during the drop out.
Any thoughts / help is appreciated
Many thanks
Trevor
What application is losing connectivity? If it's a connection based app you can try changing the tcp timeout values on both pixes. I don't know where that is in pdm, but it's pretty obvious where it is if you look at the config.
Ted
Hi,
They are using two apps - Outlook and a terminal emulator connected to a unix box.
Only the terminal emulator is visibly kicking users out as they use it all the time. Outlook is hardly used which is why it's not noticed but i'm guessing that's kicking users also.
I'll check out the timout values
Thanks!
Hi Guys,
Can I do the following.
PIX A resides inside the DMZ of PIX B. Can I establish a VPN between PIX A and PIX C. PIX A and C are seperated by the Internet.
Yes , basically you need to make PIX A visible on the internet by translating its outside address in PIX B and allow ISAKMP - IPSEC traffic to it.
1-Create a static on PIX B for the outside IP of PIX A2- On PIX B outside access-group, permit esp (proto 50) from PIX C IP to PIX A translated address On PIX B outside access-group, permit ah (proto 51) from PIX C IP to PIX A translated address On PIX B outside access-group, permit isakmp (udp 500) from PIX C IP to PIX A translated address
3-On PIX C crypto map use the translated address of PIX A as the peer.Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.