Some clarification

Unanswered Question
Jan 14th, 2008
User Badges:

I am getting the following error on my ASA5510;

7103042 Ike Initiator unable to find policy: Inft outside, Src: 172.16.2.14, Dst: 172.16.3.100

7103042 Ike Initiator unable to find policy: Inft outside, Src: 172.16.2.15, Dst: 172.16.3.100


This occurs when I setup my remote access uses to use the 172.16.3.x network doesn't occur when I give them address space out of my inside network which is 172.16.2.x

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
JORGE RODRIGUEZ Mon, 01/14/2008 - 10:36
User Badges:
  • Green, 3000 points or more

This means isakmp policy is not configured, if this is a L2L session configure isakmp policy as this is part of Ipsec Phase 1 negotiation, if this session does not stablish L2L will not happen.


[edit] I take above back.


see error log 713042


Error Message %PIX|ASA-3-713042: IKE Initiator unable to find policy: Intf

interface_number, Src: source_address, Dst: dest_address

Explanation This message indicates that the IPSec fast path processed a packet that triggered IKE, but IKE's policy lookup failed. This error could be timing related. The ACLs that triggered IKE might have been deleted before IKE processed the initiation request. This problem will most likely correct itself.


Explanation If the condition persists, check the L2L configuration, paying special attention to the ACLs associated


http://www.cisco.com/en/US/docs/security/asa/asa72/system/message/logmsgs.html




Actions

This Discussion