IPSEC tunnel stopped working
We are having issues with our IPSEC tunnel not working. It was working previously for a while but then all of a sudden it stopped working. We have a Windows 2008 R2 standard server (source) that will initiate the tunnel to a Windows 2003 server (destination).
We have network monitor installed on both servers and see the traffic leaving the Windows 2008 server and arriving at the Windows 2003 server. However, we do not see return traffic leaving the Windows 2003 going back. There is a Cisco ASA firewall that sits
b/t these servers and it has rules in place to allow communication b/t the servers. We are not seeing any traffic being dropped by the Cisco ASA firewall.
Thanks for any help given.
March 29th, 2012 9:08am
Using Cisco IPS Sensor Software Version 6.x, the Cisco AIP-SSM combines inline
prevention services with innovative technologies to improve accuracy. The result
is total confidence in the protection offered by your intrusion prevention
system (IPS) solution, without the fear of legitimate traffic being dropped.
When deployed within Cisco ASA 5500 Series appliances, the AIP-SSM offers
comprehensive protection of your network by collaborating with other network
security resources, providing a proactive approach to protecting your network.Mark Van Deibert
Free Windows Admin Tool Kit Click here and download it now
March 29th, 2012 6:22pm
Hi,
Any errors logs in the Event Viewer? In addition, you may run the IPSec diagnostic tool to check for network if any errors on both Windows 2003 and Windows 2008. For detailed information, please check the following KB article:
The Microsoft IPsec Diagnostic Tool is available for Windows Server 2008, for Windows Vista, for Windows Server 2003, and for Windows XP
http://support.microsoft.com/kb/943862
Also check the Windows Firewall settings on both sides. Please refer to the below link.
Security rules for Windows Firewall and for IPsec-based connections in Windows Vista and in Windows Server 2008
http://support.microsoft.com/kb/942957
Best Regards,
Aiden
Aiden Cao
TechNet Community Support
April 1st, 2012 11:10pm