PIX 7.2: no crypto map matching problem


i've a problem in setting up a vpn tunnel. It is possible to send encrypted traffic from local to remote side, but the remote side is unable to access the local server.

The traffic selection for the crypto map looks like this:

Local config:

crypto map outside_map 160 match address outside_160_cryptomap crypto map outside_map 160 set peer a.b.c.d crypto map outside_map 160 set transform-set ESP-3DES-SHA crypto map outside_map 160 set security-association lifetime seconds 3600 crypto map outside_map interface outside ... access-list outside_160_cryptomap extended permit ip host host access-list outside_160_cryptomap extended permit icmp any host

Remote config:

access-list 123 permit ip host host access-list 123 permit icmp any host

Sending data from to is working. But when trying to do a PING from one of the remote networks, i always get this in the log:

Rejecting IPSec tunnel: no matching crypto map entry for remote proxy local proxy / on interface outside

But as i understand, exactly this traffic is selected by my local access-list, isn't it?

Regards Markus

Reply to
Markus Marquardt
Loading thread data ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.