[c-nsp] vpn l2l issue - pix 506E to an asa5510
Ryan West
rwest at zyedge.com
Thu Dec 24 09:03:10 EST 2009
Dalton,
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-
> bounces at puck.nether.net] On Behalf Of dalton
> Sent: Thursday, December 24, 2009 6:47 AM
>
>
> Hi all,
>
> I am having a strange issue trying to establish a tunnel between a pix
> 506E and an ASA5510.
>
> sh isa sa on my pix shows tunnel status as failing at MM_KEY_EXCH
>
> i have verified the phase 1 settings and key to be correct here,
>
> also running the pix in debug mode, it appears the pix is passing phase
> 1.
>
> I am natting the destination nets here, and am wondering if perhaps
> this
> is causing the issue.
>
Have you tried entering in the passwords again on both sides? Can you post your relevant NAT, interesting ACLs, and crypto settings?
-ryan
More information about the cisco-nsp
mailing list