We have existing cisco hardware ASA 5510 and cisco router 1800. The ASA 5510 are installed in main office while the 1800 is planned to setup in remote sites for VPN tunnel. Are they compatible or we need purchase another hardware for ASA5510 to match?
Thanks in advance,
I am not sure what you changed. And I am not sure where MD5 came from. In the config files that you posted for both the router and the ASA it is showing SHA. The router and the ASA do need to agree on this parameter.
Perhaps it would help if you run debug for the crypto isakmp negotiation. It would also be helpful if you post current config for the router and the ASA.
I have looked at the new cofig that you posted and see that there are some changes. You have added PFS which is good. And you have changed the access list from 106 to 104. But the access list is still incorrect. Please remove the line that has:
access-list 104 permit ip 0.0.0.0 255.255.255.0 0.0.0.0 255.255.255.0
and replace these 2 lines:
access-list 104 permit ip host 192.168.0.0 host 192.168.10.0
access-list 104 permit ip host 192.168.10.0 host 192.168.0.0
access-list 104 permit ip 192.168.0.0 0.0.0.255 192.168.10.0 0.0.0.255