Phase 2 problem

Unanswered Question
Dec 4th, 2007
User Badges:


We are having problems with our ipsec sa.

Phase 2 is failing to establish with a high number of send errors.

#send errors 411125

Debug error is

Dec 04 16:00:16 [IKEv1]: Group =, IP =, Static Crypto Map check, map = outside_map, seq = 6, ACL does not match proxy IDs src: dst:network-Local

I know this implies that a matching crypto map is not present but this WAS working until today.

Could anyone help?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
mikedelafield Tue, 12/04/2007 - 07:38
User Badges:

it seems to attempt the SA as expecting using the local Ident but then attempts another using any ideas why this would happen?


This Discussion