Framework:
a) 1 site equipped with ASG 6.303 25IP
- (1 hdsl wan + 1 adsl wan + 1 lan)
- location: Italy
- 1 ipsec tunnel already active with a remote office (RSA) working fine.
- local public ip: X.X.X.X for VPN US not working
- local public ip: Y.Y.Y.Y for existent VPN working fine
- local lan: 10.0.0.0
b) 1 site equipped with PIX501 (rel. 6.3)
- location: US (eastern Time Zone)
- local public ip: Z.Z.Z.Z
- local lan: 10.1.1.0
We're tryng to establish ipsec tunnel (PSK 30 char length) between two sites with no results; here are the parameters used:
--------------------------------------------------------------------
IPSEC policy (3des-md5-dh1-3600)
ISAKMP (IKE) SETTINGS
- ike mode = main mode
- encrypt alg = 3des 168bit
- auth alg = md5 160bit
- ike DH group = DH group 1 (modp768)
- SA lifetime = 3600 secs
IPSEC SETTINGS
- ipsec mode = tunnel
- ipsec protocol = ESP
- encryption alg = 3des-CBC 168bit
- enforce alg = off
- auth alg = md5 160bit
- SA lifetime = 3600 secs
- PFS = no PFS
- compression = off
--------------------------------------------------------------------------
Attached is the log from ASG side, with a permanent error that block from rising up correctly IPSEC tunnel between ASG & PIX.
I've already browsed along Astaro archive applying various suggestions, unsuccessfully.
--------------------------------------------------------------------------
Any help will be appreciated, to solve this problem.
Thanks in advance.
Alex
(several ASG v. 6.3x sw & appliances around Italy)
This thread was automatically locked due to age.
