VPN from PIX to Linksys AG241-au fails

Unanswered Question
Feb 27th, 2007

Hi

I have just replaced a faulty AG041 with an AG241 router. I have a VPN connection to a PIX firewall that was working correctly prior to the swap. Since the linksys replacement I get very random VPN connectivity. Sometimes it works but most times it doesn't!

A debug on the PIX says

"ISAKMP: reserved not zero on payload 5!"

according to Cisco, this means that the ISAKMP keys do not match. Rekey/reset in order to ensure accuracy.

I have removed the configuration from the PIX and re-added it, I have also re-configured the VPN on the AG241 but I still get this problem.

Any assistance appreciated!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
vkapoor5 Mon, 03/05/2007 - 13:35

You can add the posiblity of different ISAKMP phase 1 configuration in PIX, so that any one policy will match your setup.

Kamal Malhotra Tue, 03/06/2007 - 00:11

Hi,

The confusing part is the random behavior. Either it should work or shouldn't.

I hope the AG241 has a static Public IP and the PIX is not configured to accept dynamic L2L connections and if it is then atleast the key for AG241 and the dynamic peers is not the same.

HTH,

*Please rate if it helps.

Regards,

Kamal

davidbuit Tue, 03/06/2007 - 02:16

Thanks for your replies. The linksys does have a static IP. There just isn't any valid reason why this conncetion is so flaky. I think it may be related to the AG241 device itself. Linksys tried to assist but said that we should get a replacement through waranty although I don't believe this will necessarily help.

Actions

This Discussion