No announcement yet.

VPN Tunnel not being created

  • Filter
  • Time
  • Show
Clear All
new posts

  • VPN Tunnel not being created


    I have just taken over a setup, and I am having a problem getting an Avaya Phone to connect over a VPN tunnel using a Netgear FVS 114 to a Cisco 515E PIX. Right now I am trying just to get the VPN Tunnel to stay up so I can ping the servers on the network, then I'll try to connect the phone. I have 12 other users using the PIX to connect their phone. I have tried to add another user. I copied the running config lines for a user that can connect, made the necessary changes to the lines, and then pasted them back into the running config and did write mem. I checked the lines for accuracy, and they match the other lines. The crypto map is bound to the interface. When I check access-list, the new user shows 479 hitcnt. But the VPN Tunnel will not either come up or stay up, because I cannot ping anything on the network. Is there another way I am suppose to create new user, or is the way I did okay? Is there somewhere other then in the running config I am suppose to make a change or entry?

    Additional info: show crypto ipsec sa shows @recv errors 266, #pkts decaps 863, #pkts encaps 0. Attached is the log of the Netgear FVS
    Here are the config lines from running config:
    name Taylor
    access-list inside_nat0_outbound permit ip Taylor
    access-list inside_nat0_outbound permit ip Taylor

    access-list TAG_cryptomap_91 permit ip Taylor
    access-list TAG_cryptomap_91 permit ip Taylor

    crypto map outside_map 91 match address TAG_cryptomap_91
    crypto map outside_map 91 set peer
    crypto map outside_map 91 set transform-set ESP-3DES-MD5

    isakmp keyXXXXXXX address netmask no-xauth no-config-mode
    Last edited by skeating; 29th July 2015, 14:24.

  • #2
    i can try to help, i have several vpn's, site to site , client and anyconnect, but on my ASA.

    you are saying that this vpn works now, you mentioned trying to get the tunnel to stay up, but 12 users using it right now, or am i missing something.


    • #3
      Found out yesterday what the cause was. I had created two users, and since I was connecting both from the same IP address, just not at the same time, the PIX was getting confused. I can only connect from one IP address at a time. Once this was pointed out to me, I was able to get it to work.


      • #4
        Cool! Glad it works.