One IPsec tunnel and no ISAKMP tunnel.

One IPsec tunnel and no ISAKMP tunnel.
NewsGroups | Search | Tools
User Password
Register Now! Lost Password?
 comp.dcom.sys.cisco  Post an article  get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content  add this group's latest topics to your Google content  YahooMyWeb Yahoo!  Google Google  Windows Live Favorites Windows Live  del.icio.us del.icio.us  digg digg  Add to Netscape Netscape
Subject Author Date
One IPsec tunnel and no ISAKMP tunnel. AM 12-29-2004
Posted by AM on December 29, 2004, 8:54 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
After configuring a VPN I had a look to the PDM of our PIX and I wondered it
showed me it was one
IPsec tunnel but no ISAKMP/IKE tunnel!

How can this happen?

Is there anybody who can explain me this?

Thanks,

Alex.


NMFall 20%
Posted by Rik Bain on December 29, 2004, 5:56 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
AM wrote:
> After configuring a VPN I had a look to the PDM of our PIX and I
> wondered it showed me it was one IPsec tunnel but no ISAKMP/IKE tunnel!
>
> How can this happen?
>
> Is there anybody who can explain me this?
>
> Thanks,
>
> Alex.

If the IKE tunnel times out/tears down, it will not be rebuilt until the
IPSEC tunnel needs to rekey. For example, if you have a fuctioning
tunnel up, you can clear the isakmp tunnel and traffic will still pass.

Rik


Posted by Walter Roberson on December 29, 2004, 9:13 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
:After configuring a VPN I had a look to the PDM of our PIX and I wondered it
showed me it was one
:IPsec tunnel but no ISAKMP/IKE tunnel!

:How can this happen?

I rarely use PDM, so I am not very familar with it. It could be
anywhere from a bug to the fact that there is no way from the
command line to display isakmp tunnel count information.

BTW, you have not mentioned which software version you are running
on your new 525.

--
I don't know if there's destiny,
but there's a decision! -- Wim Wenders (WoD)


Posted by AM on December 29, 2004, 9:15 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Walter Roberson wrote:

> :After configuring a VPN I had a look to the PDM of our PIX and I wondered it
showed me it was one
> :IPsec tunnel but no ISAKMP/IKE tunnel!
>
> :How can this happen?
>
> I rarely use PDM, so I am not very familar with it. It could be
> anywhere from a bug to the fact that there is no way from the
> command line to display isakmp tunnel count information.
>
> BTW, you have not mentioned which software version you are running
> on your new 525.
>

6.3(4) e PDM 3.02
Alex


Similar ThreadsPosted
Ipsec tunnel with in another tunnel November 16, 2005, 7:07 pm
IPSEC Tunnel Goes Down July 10, 2006, 5:51 am
IPSEC Tunnel Down July 12, 2006, 4:20 am
PIX-to-PIX IPSec VPN Tunnel July 21, 2006, 7:29 pm
IPSEC Tunnel Going down August 7, 2006, 4:32 am
GRE tunnel and IPsec August 24, 2006, 2:57 pm
IPSec tunnel between ASA and *BSD May 26, 2007, 2:13 pm
PIX to 1760 IPSec Tunnel December 10, 2004, 6:55 am
PIX - Disconnect IPSEC Tunnel December 21, 2004, 9:45 am
IPSec Tunnel Problem December 21, 2004, 3:23 pm

other useful resources:
The Federal Communications Commission (FCC)
Telecommunications Industry Association
Electronic and Software Security Products and Services
International Telecommunication Union

Custom CGI Perl and PHP programming by 1-Script.com

Contact Us | Privacy Policy
The site map in XML format XML site map