I've configured an ASA5505 to receive VPN tunnel connections from a 'test' Remote VPN peer. The public i/p of the ASA is 83.***.**.42 and the public i/p of the 'test' peer is 83.***.**.41 The whole thing works fine - I can establish a connection and connect to hosts on the LAN behind the ASA5505. I can also ping the public i/p addx from a host behind the 'test'VPN peer even when the tunnel is not established.
However, when a work colleague tries to establish a VPN connection to the ASA it doesn't work. I've configured another tunnel connection for his VPN peer. His public i/p addx is 212.**.***.78 He cant ping the ASA5505 at all but when he does the following appears in the ASA5505 logs:
6 Jan 29 2008 12:06:58 713905 IP = 212.**.***.78, P1 Retransmit msg dispatched to MM FSM
5 Jan 29 2008 12:06:58 713201 IP = 212.**.***.78, Duplicate Phase 1 packet detected. Retransmitting last packet.
6 Jan 29 2008 12:06:56 302015 212.**.***.78 83.***.**.42 Built inbound UDP connection 27691 for outside:212.**.***.78/500 (212.**.***.78/500) to NP Identity Ifc:83.***.**.42/500 (83.***.**.42/500)
The settings for the test tunnel and the live tunnel are exactly the same except for peer i/p addx and pre-shared key of course.
Can anyone tell me why I can connect to the ASA5505 from one peer but not the other?