Trouble the site-to-site VPN

Hi, I got a problem on site-to-site vpn connection:

Two PIX to form a site-to-site VPN;

the vpn network is established, but they can not see each other; while I used the debug command : debug crypto isakmp, the following is captured.

JIL-Fw01(config)# ISAKMP (0): beginning Quick Mode exchange, M-ID of -270067984:efe716f0 crypto_isakmp_process_block:src:CP_OFFICE_VPN, dest:JIL_FW spt:500 dpt:500 ISAKMP (0): processing NOTIFY payload 14 protocol 3 spi 3578301247, message ID = 2616065360 ISAKMP (0): deleting spi 1066092757 message ID = 4024899312 return status is IKMP_NO_ERR_NO_TRANS ISAKMP (0): beginning Quick Mode exchange, M-ID of -759732891:d2b76565 crypto_isakmp_process_block:src:CP_OFFICE_VPN, dest:JIL_FW spt:500 dpt:500 ISAKMP (0): processing NOTIFY payload 14 protocol 3 spi 2088620877, message ID = 810430356 ISAKMP (0): deleting spi 1305705852 message ID = 3535234405

Anybody can solve it ?

Thank you

In article , Benson Lei wrote: :Two PIX to form a site-to-site VPN;

:the vpn network is established, but they can not see each other;

UDP 500 (isakmp) is getting through, but something else isn't.

You really haven't said much about your configuration or topology (not even the software versions or models), so I will have to make educated guesses.

Based upon the messages that appear (and that don't), it appears to me that you do not have isakmp nat-traversal turned on, and that IP protocol 50 (ESP) is not getting through -- either ESP is blocked or you are trying to do ESP through a device that is doing Port Address Translation.

If you push your logging level up to 6 (debugging) then what messages show up in the log?

Here are some VPN debugging hints that might be of use to you a bit later:

formatting link