VPN Tunnel not being created

Home Forums Networking Cisco Security – PIX/ASA/VPN VPN Tunnel not being created

Viewing 1 post (of 1 total)
  • Author
    Posts
  • Avatar
    skeating
    Member
    #165600

    Hello

    I have just taken over a setup, and I am having a problem getting an Avaya Phone to connect over a VPN tunnel using a Netgear FVS 114 to a Cisco 515E PIX. Right now I am trying just to get the VPN Tunnel to stay up so I can ping the servers on the network, then I’ll try to connect the phone. I have 12 other users using the PIX to connect their phone. I have tried to add another user. I copied the running config lines for a user that can connect, made the necessary changes to the lines, and then pasted them back into the running config and did write mem. I checked the lines for accuracy, and they match the other lines. The crypto map is bound to the interface. When I check access-list, the new user shows 479 hitcnt. But the VPN Tunnel will not either come up or stay up, because I cannot ping anything on the network. Is there another way I am suppose to create new user, or is the way I did okay? Is there somewhere other then in the running config I am suppose to make a change or entry?

    Additional info: show crypto ipsec sa shows @recv errors 266, #pkts decaps 863, #pkts encaps 0. Attached is the log of the Netgear FVS
    Here are the config lines from running config:
    name 172.16.203.0 Taylor
    access-list inside_nat0_outbound permit ip 10.15.0.0 255.255.0.0 Taylor 255.255.255.0
    access-list inside_nat0_outbound permit ip 10.10.0.0 255.255.0.0 Taylor 255.255.255.0

    access-list TAG_cryptomap_91 permit ip 10.10.0.0 255.255.0.0 Taylor 255.255.255.0
    access-list TAG_cryptomap_91 permit ip 10.15.0.0 255.255.0.0 Taylor 255.255.255.0

    crypto map outside_map 91 match address TAG_cryptomap_91
    crypto map outside_map 91 set peer 216.66.40.78
    crypto map outside_map 91 set transform-set ESP-3DES-MD5

    isakmp keyXXXXXXX address 216.66.40.78 netmask 255.255.255.255 no-xauth no-config-mode

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.