Apr 27 2009

Initiate VPN connection on Cisco PIX

Published by at 11:34 pm under Cisco

Having set up the VPN parameters on two Cisco PIX, you need to generate traffic from one network to the other to bring the connection up. This can be annoying if you want to make sure the tunnel is active before you connect the network.
Let’s take 2 sub-networks and
Once VPN connections are configured on the Cisco PIX, double-check you have these:
On PIX1:

PIX1#show run
access-list VPN_TO_PIX2 permit ip
ip address inside
management-access inside

The same applies on PIX2, except for the IP address.
Management-access allows the PIX to send the ping back from the internal interface.
To activate the VPN connection, you just need to ping the remote Cisco’s internal interface from the local internal interface. In a nutshell:

PIX1#ping inside
response received -- 60ms
response received -- 50ms
response received -- 50ms

Check the VPN has been created:

PIX1# show crypto isakmp sa
Total     : 1
Embryonic : 0
        dst	     src        state        pending      created
      PIX2_IP      PIX1_IP      QM_IDLE      0            2
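
One way to script the check above, as an added example that is not part of the original post: it parses `show crypto isakmp sa` output in the column layout shown and reports whether a given peer has reached QM_IDLE. The function names and the sample outputs (including the MM_KEY_EXCH row and the documentation addresses) are constructed for illustration.

```python
import re

# One SA row: dst, src, state, pending, created (column order as shown on this page).
SA_ROW = re.compile(r"^\s*(\S+)\s+(\S+)\s+([A-Z]{2}_[A-Z_]+)\s+(\d+)\s+(\d+)\s*$")
COUNTER = re.compile(r"^\s*(Total|Embryonic)\s*:\s*(\d+)\s*$")

def parse_isakmp_sa(output):
    """Parse 'show crypto isakmp sa' text into counters and a list of SA rows."""
    counters, sas = {}, []
    for line in output.splitlines():
        m = COUNTER.match(line)
        if m:
            counters[m.group(1).lower()] = int(m.group(2))
            continue
        m = SA_ROW.match(line)  # the lowercase header line does not match
        if m:
            dst, src, state, pending, created = m.groups()
            sas.append({"dst": dst, "src": src, "state": state,
                        "pending": int(pending), "created": int(created)})
    return counters, sas

def tunnel_status(output, peer):
    """Return 'up', 'negotiating' or 'down' for the given peer."""
    _, sas = parse_isakmp_sa(output)
    states = [sa["state"] for sa in sas if peer in (sa["dst"], sa["src"])]
    if "QM_IDLE" in states:
        return "up"           # same state as in the output above
    if states:
        return "negotiating"  # an SA exists but has not reached QM_IDLE
    return "down"             # no SA listed for this peer

# Constructed sample outputs (placeholder names and documentation addresses).
UP = """Total     : 1
Embryonic : 0
        dst          src        state        pending      created
      PIX2_IP      PIX1_IP      QM_IDLE      0            2
"""
STUCK = """Total     : 1
Embryonic : 1
        dst          src        state        pending      created
    198.51.100.2   192.0.2.1   MM_KEY_EXCH   0            0
"""
EMPTY = "Total     : 0\nEmbryonic : 0\n"

if __name__ == "__main__":
    for text, peer in ((UP, "PIX2_IP"), (STUCK, "198.51.100.2"), (EMPTY, "PIX2_IP")):
        print(peer, tunnel_status(text, peer))
```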
