Hello;
I'm having trouble with my VPN. I can connect successfully to the PIX, however I don't receive any traffic. The sent counters increase, but received does not. The same goes for Decrypted packets. Encrypting is fine, but it's not decrypting.
Here is the config;
access-list 108 permit ip 10.1.1.0 255.255.255.0 192.168.4.1 255.255.255.255
ip address outside pppoe setroute
ip address inside 10.1.1.202 255.255.255.0
ip local pool vpntest 192.168.4.1
global (outside) 1 interface
nat (inside) 0 access-list 108
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
route inside 10.1.1.0 255.255.0.0 10.1.1.200 1
sysopt connection permit-ipsec
crypto ipsec transform-set myset esp-3des esp-md5-hmac
crypto ipsec transform-set trmset1 esp-aes-256 esp-md5-hmac
crypto dynamic-map dynmap 10 set transform-set myset
crypto dynamic-map map2 10 set transform-set trmset1
crypto map mymap 10 ipsec-isakmp dynamic dynmap
crypto map mymap client configuration address initiate
crypto map mymap client configuration address respond
crypto map mymap2 10 ipsec-isakmp dynamic map2
crypto map mymap2 interface outside
isakmp enable outside
isakmp identity address
isakmp nat-traversal 30
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption aes-256
isakmp policy 10 hash md5
isakmp policy 10 group 2
isakmp policy 10 lifetime 86400
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption aes-256
isakmp policy 20 hash md5
isakmp policy 20 group 1
isakmp policy 20 lifetime 86400
Any pointers would be greatly appreciated.
I'm having trouble with my VPN. I can connect successfully to the PIX, however I don't receive any traffic. The sent counters increase, but received does not. The same goes for Decrypted packets. Encrypting is fine, but it's not decrypting.
Here is the config;
access-list 108 permit ip 10.1.1.0 255.255.255.0 192.168.4.1 255.255.255.255
ip address outside pppoe setroute
ip address inside 10.1.1.202 255.255.255.0
ip local pool vpntest 192.168.4.1
global (outside) 1 interface
nat (inside) 0 access-list 108
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
route inside 10.1.1.0 255.255.0.0 10.1.1.200 1
sysopt connection permit-ipsec
crypto ipsec transform-set myset esp-3des esp-md5-hmac
crypto ipsec transform-set trmset1 esp-aes-256 esp-md5-hmac
crypto dynamic-map dynmap 10 set transform-set myset
crypto dynamic-map map2 10 set transform-set trmset1
crypto map mymap 10 ipsec-isakmp dynamic dynmap
crypto map mymap client configuration address initiate
crypto map mymap client configuration address respond
crypto map mymap2 10 ipsec-isakmp dynamic map2
crypto map mymap2 interface outside
isakmp enable outside
isakmp identity address
isakmp nat-traversal 30
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption aes-256
isakmp policy 10 hash md5
isakmp policy 10 group 2
isakmp policy 10 lifetime 86400
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption aes-256
isakmp policy 20 hash md5
isakmp policy 20 group 1
isakmp policy 20 lifetime 86400
Any pointers would be greatly appreciated.