Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 1022 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

ASG 120 V8 to Cisco 5505

Simon2003
Hi

we set a site to site VPN to a data center but connection cannot be established unless we ping from a machine in remote site to a machine in local network.  once the ping stop, the connection drop

Astaro
Compression off, not using strict policy.
IKE Settings: AES 256 / MD5 / Group 5: MODP 1536   Lifetime: 7800 seconds
IPSec Settings: AES 256 / MD5 / Group 2: MODP 1024   Lifetime: 3600 seconds

local networks are
 and 10.242.1.0 and 10.242.2.0

anyone has any idea?  thanks a lot.


This thread was automatically locked due to age.
Parents
  • 0
    Thanks - We still need to see the 'IPsec Connection'.

    It looks like there's not 100% agreement on the policy or on the PSK.  The log from the Cisco might tell you that.

    Cheers - Bob
  • 0 in reply to BAlfson
    thanks for your help and you're right.

    change the settings to

    Compression off, not using strict policy.
    IKE Settings: AES 256 / MD5 / Group 5: MODP 1536 Lifetime: 7800 seconds
    IPSec Settings: AES 256 / MD5 / Group 5: MODP 1536 Lifetime: 3600 seconds

    fixed the problem.
Reply
  • 0 in reply to BAlfson
    thanks for your help and you're right.

    change the settings to

    Compression off, not using strict policy.
    IKE Settings: AES 256 / MD5 / Group 5: MODP 1536 Lifetime: 7800 seconds
    IPSec Settings: AES 256 / MD5 / Group 5: MODP 1536 Lifetime: 3600 seconds

    fixed the problem.
Children
No Data