isakmp key

[HomeMIS]

Hello, I can't get my pix501 VPN tunnel to work.
It's being installed at my bosses home and he will be able to connect to are network at the office.
I have to config right but the only thing that is differnet is the version. The config now is on a newer version 6.2 the old one was 6.1. Will this make a diffence?
On the new config it has
aaa-server LOCAL protocol local
Will this make a diffence too?
and the isakmp key ******** address 208.2.175.2 netmask 255.255.255.255

Now if I just type that in to the config will that me the right key?? or do i have to generate a key some how??
Thanks

 

[haknwak]

When you do a 'sh conf' the PIX displays the asterisks. You need to type in a plain text string and the key must be the same on both ends of the VPN.

Assuming you can access the console of both PIXes - I would make up a new key and input it identically on both ends.

That'll eliminate the key as a stumbling block. If it doesn't work after that, there is another problem with the setup. "If you lived here, you'd be home by now!"

George Carlin

 

[gbiello]

"aaa-server LOCAL protocol local" shouldn't make a difference.

Compare configuratons to make sure you have compatible SA's.

Use "debug crypto ipsec" and "debug crypto isakmp" to troubleshoot as well.

hope this helps,
-gbiello