Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Crypto Map statement causes drop 1

Status
Not open for further replies.
hoinvip

hoinvip

MIS
Nov 16, 2001
156
0
0
GB
Has anyone heard of this? I was remotely configuring one of our PIX'es earlier today to add another VPN tunnel, when I added the following statement:

crypto map fred 30 ipsec-isakmp

My session froze and I got kicked out.... any ideas?

This is a PIX515E running PIX Version 6.1(3)

TIA

HoinviP
 
Sort by date Sort by votes
There is a well-known bug in PIX code regarding adding to existing crypto maps. When you add an entry to a crypto map that is already bound to an interface, all traffic stops processing through that interface. Does this sound familiar?

The workaround is to remove the crypto map from the interface first, add the entry, then reapply the crypto map to the interface.

As far as I know, the bug still exists in even the newest versions of the firewall code.
 
Upvote 0 Downvote
Thanks for the advice - that's exactly the problem!

I'll remember this for the next time we add a vpn connection.

Thanks again.

HoinviP
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Nitta84
  • Locked
  • Question
navigation slow and tcp syc/ack drop
Replies
0
Views
86
Nitta84
Nitta84
RMurr34
  • Locked
  • Question
No Internet Access if no static map
Replies
0
Views
32
RMurr34
RMurr34
luuja
  • Locked
  • Question
Sonicwall dropped
Replies
0
Views
36
luuja
luuja
agentpineapple
  • Locked
  • Question
View dropped packets
Replies
2
Views
38
agentpineapple
agentpineapple
2ffat
  • Locked
  • News
Cryptolocker Unlocked 2
Replies
2
Views
25
2ffat
2ffat

Part and Inventory Search

Sponsor

Back
Top