Re: Urgent Problem with NG to 4.1 VPN
From:Date: 11/14/02
- Next message: liberiotux: "A question about IPTABLES"
- Previous message: Eben Yong: "PIX 515 with version 4.4"
- In reply to: : "Urgent Problem with NG to 4.1 VPN"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 14 Nov 2002 10:59:52 -0800
In article <3c8f8a12.0211141012.7970d8d1@posting.google.com>,
dave_canuck2001@yahoo.com says...
>
>All;
>
>We recently upgraded one of our locations to NG and since have had a
>problem with our VPN between our location with 4.1 and our location
>with NG. We are running 4.1 SP6 and NG FP3 respectively. We are using
>IKE with 3DES and SHA-1.
>
>When we stop and start the NG Firewall and every once and a while (no
>specific time frames) we lose connectivity one way in the VPN). The
>connection from the internal net behind the 4.1 FW loses connection to
>the net behind the NG Firewall.
>
>We get this error only in the Firewall on the NG side. The 4.1 FW
>encrypts OK.
>
>encryption failure: decrypted methods didn't match rule
>
>If we simply ping from the internal net behind the NG FW to the
>internal net behind the 4.1 FW all starts working again both ways.
>
>Help !
One thing you can check is that the renegotiate times are identical at both
ends. If one is shorter than the other, it may cause problems.
An emergency fix until you figure out the problem is to run a continual ping
from a little-used PC in the NG network. Primitive, but maybe it'll keep the
tunnel up.
--Steve
- Next message: liberiotux: "A question about IPTABLES"
- Previous message: Eben Yong: "PIX 515 with version 4.4"
- In reply to: : "Urgent Problem with NG to 4.1 VPN"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
