NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] Problem with site to site VPN tunnel



Title: Problem with site to site VPN tunnel

I am experiencing a strange problem trying to set up some site-to-site tunnels and I was wondering if you guys could help me out. 

  I am having a problem where the local firewall is using an interface OTHER than the external address for the source address of the IPSEC traffic.  So I have s1p1c0 as the internal, eth-s2p1c0 at the DMZ, and ser-s1p2c0 as the external.  For some reason the source address is the address of eth-s2p1c0.    I have checked the host address assignment and the external.if file.  This firewall was working sometime ago doing site to site.  So basically what is happening is the remote FW is sending it's IPSEC traffic to the external address but the local FW is sending it's traffic with a source of the DMZ address.  This obviously is not going to work very well.

The address that the FW is using to connect the IPSEC tunnel is not referenced anywhere other than it's defintion in the OS.  No hosts name. 

I am running VPN-1 4.1 SP3 on a Nokia 650 running 3.3.

Any help would be appreciated. 



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.