skeatingMemberJul 28, 2015 at 11:45 am #165600
I have just taken over a setup, and I am having a problem getting an Avaya Phone to connect over a VPN tunnel using a Netgear FVS 114 to a Cisco 515E PIX. Right now I am trying just to get the VPN Tunnel to stay up so I can ping the servers on the network, then I’ll try to connect the phone. I have 12 other users using the PIX to connect their phone. I have tried to add another user. I copied the running config lines for a user that can connect, made the necessary changes to the lines, and then pasted them back into the running config and did write mem. I checked the lines for accuracy, and they match the other lines. The crypto map is bound to the interface. When I check access-list, the new user shows 479 hitcnt. But the VPN Tunnel will not either come up or stay up, because I cannot ping anything on the network. Is there another way I am suppose to create new user, or is the way I did okay? Is there somewhere other then in the running config I am suppose to make a change or entry?
Additional info: show crypto ipsec sa shows @recv errors 266, #pkts decaps 863, #pkts encaps 0. Attached is the log of the Netgear FVS
Here are the config lines from running config:
name 172.16.203.0 Taylor
access-list inside_nat0_outbound permit ip 10.15.0.0 255.255.0.0 Taylor 255.255.255.0
access-list inside_nat0_outbound permit ip 10.10.0.0 255.255.0.0 Taylor 255.255.255.0
access-list TAG_cryptomap_91 permit ip 10.10.0.0 255.255.0.0 Taylor 255.255.255.0
access-list TAG_cryptomap_91 permit ip 10.15.0.0 255.255.0.0 Taylor 255.255.255.0
crypto map outside_map 91 match address TAG_cryptomap_91
crypto map outside_map 91 set peer 22.214.171.124
crypto map outside_map 91 set transform-set ESP-3DES-MD5
isakmp keyXXXXXXX address 126.96.36.199 netmask 255.255.255.255 no-xauth no-config-mode
You must be logged in to reply to this topic.