ASA to PIX VPN Error 402120

Unanswered Question
Apr 22nd, 2008
User Badges:

Hi,


We're getting the error below (about 3000 per day) on an ASA5520 (7.2.2) when it receives L2L VPN traffic from a PIX-525 (6.3(5)140):

%ASA-4-402120: IPSEC: Received an ESP packet (SPI= 0xB8EE870D, sequence number= 0x534B0) from 10.10.50.4 (user= 10.10.50.4) to 10.10.62.4 that failed authentication.


Both ends are running failover mode. Could this be an issue between PIX-OS versions?


Thanks in advance.

-Dan



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Radim Jurica Tue, 04/28/2009 - 00:07
User Badges:

Hi,

we discovered same problem on L2L VPN between two ASA 8.0.4 - %ASA-4-402120: IPSEC: Received an ESP packet...that failed authentication. We have not only log/error decryption issue but there is problem with transmiting a bigger data loads. What can be behind this "faild authentication"? Any infrastructure problem? Both ASA's are physically connected on some switch. Any ideas?


Thank you!


Radim




Actions

This Discussion