Hi,
we have the following problem here with our VPN connection.
We have a EzVPN Server at our Office with a fixed IP and a second pix at our branch office with a dynamic IP.
I used the same configuration we have serveral time in use by customers.
Now we have the problem that the client can connect but jut opens one crypto map at the HQ side. "show crypto map"
Crypto Map "outside_map" 210 ipsec-isakmp Peer = 216.56.23.9 access-list dynacl54; 1 elements access-list dynacl54 line 1 permit ip 10.10.10.0 255.255.255.0 host
216.56.23.9 (hitcnt=0) dynamic (created from dynamic map dyn-map/200) Current peer: 216.56.23.9 Security association lifetime: 4608000 kilobytes/28800 seconds PFS (Y/N): N Transform sets={ plset0, }------------
At all our other configuration we got two crypto maps: an example
Crypto Map "outside_map" 440 ipsec-isakmp Peer = 84.58.110.188 access-list dynacl8184; 1 elements access-list dynacl8184 line 1 permit ip 10.10.10.0 255.255.255.0 host
84.58.110.188 (hitcnt=0) dynamic (created from dynamic map dyn-map/200) Current peer: 84.58.110.188 Security association lifetime: 4608000 kilobytes/28800 seconds PFS (Y/N): N Transform sets={ plset0, }Crypto Map "outside_map" 450 ipsec-isakmp Peer = 84.58.110.188 access-list dynacl8185; 1 elements access-list dynacl8185 line 1 permit ip 10.10.10.0 255.255.255.0
192.168.0.0 255.255.255.0 (hitcnt=257) dynamic (created from dynamic map dyn-map/200) Current peer: 84.58.110.188 Security association lifetime: 4608000 kilobytes/28800 seconds PFS (Y/N): N Transform sets={ plset0, }-------------
"sh crypto ipsec sa" shows more or less the same. Maby someone have a idea where the problem could be or what debug information is needed?
Pix HQ config