I have found it works best if done on both devices at the same time.
-----Original Message-----
From: Risto, Jonathan [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 11, 2001 9:22 PM
To: '[EMAIL PROTECTED]'
Subject: RE: PIX Firewall
in regards to clearing these ISAKMP keys, does this have to be done on both
devices, or just one end.. I am thinking it would need to both, and if the
remote end isn't accessable except through the VPN tunnel, this would pose a
problem.
Jonathan
-----Original Message-----
From: Tom Rollins [mailto:[EMAIL PROTECTED]]
Sent: 11 April 2001 5:26 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED];
[EMAIL PROTECTED]
Subject: RE: PIX Firewall
I have run into this as well. It seems that the ISAKMP Security Association
times out and can't be re-established without help. You can get the VPN
back up without a reload using the clear crypto isakmp sa command from
config mode.
There may be a way to resolve this by adjusting the time outs or other
ISAKMP parameters, but I haven't looked that deeply into it.
>>> "Ivan Lopez, TRI" <[EMAIL PROTECTED]> 04/11/01 03:08PM >>>
Don't know about the benchmarking, but the only problem that I have found so
far is that if for some reason the VPN connexion goes down, it doesnt comes
up inmeaditly after the link is up, I've even to reload the PIX on the
remote end to re-stablish the VPN connection.
-----Original Message-----
From: Risto, Jonathan [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 11, 2001 3:47 PM
To: '[EMAIL PROTECTED]'
Subject: PIX Firewall
Good day everyone,
I am looking for some information that has benchmarking on the PIX firewall
for providing VPN 3DES tunnels while also providing the basic firewalling at
the site.
Does anyone have and URL for published documents on this, or even if you
have personal experiences with this it would be great.
Thanks
Jonathan
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
This email and any attachments hereto, contain confidential and
privileged information intended only for the addressee. Please
do not read, copy or disseminate it, unless your are the
addressee. If this email is received in error, please notify
TRICOM immediately at (809) 476-4146. TRICOM disclaims all
responsibility from and accepts no liability for any unauthorized
person acting, or refraining from acting, on any information
herein contained.
Este email y cualquier anexo al mismo, contiene informaci�n
privilegiada y confidencial dirigida solo al destinatario. Por
favor no lo lea, copie ni distribuya, a menos que sea el
destinatario. Si recibe este email por error, por favor notifique
inmediatamente a TRICOM al (809) 476-4146. TRICOM no es
responsable por la acci�n u omisi�n en base a la informaci�n
contenida en este email, de cualquier persona no autorizada.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
