I have two PIX 501s and they were connected via a vpn. All of a sudden the circuit dropped and after rebooting both devices, I ahve not been able to reestablish the VPN. I changed the PRE-SHARE key on both and changed the transform sets, but no change. Once someone gave me a command to reset the crypto key. I am not sure if this is what I need to do. Does anyone know the process to do that or can you offer some troubleshooting advice?
Thanks,
John
Hello John,
When a tunnel drops suddenly both the device will have mismatched states of the crypto SA and SPD. The best way is to clear the garbage SA in both the PIX and ping.
The command to clear isa sa would be clear crypto isakmp sa (cle cry isa sa) and for ipsec clear crypto ipsec sa (cle cry ipse sa)
H> I have two PIX 501s and they were connected via a vpn. All of a sudden
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.