ASA to PIX VPN Error 402120

Unanswered Question
Apr 22nd, 2008
User Badges:


We're getting the error below (about 3000 per day) on an ASA5520 (7.2.2) when it receives L2L VPN traffic from a PIX-525 (6.3(5)140):

%ASA-4-402120: IPSEC: Received an ESP packet (SPI= 0xB8EE870D, sequence number= 0x534B0) from (user= to that failed authentication.

Both ends are running failover mode. Could this be an issue between PIX-OS versions?

Thanks in advance.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Radim Jurica Tue, 04/28/2009 - 00:07
User Badges:


we discovered same problem on L2L VPN between two ASA 8.0.4 - %ASA-4-402120: IPSEC: Received an ESP packet...that failed authentication. We have not only log/error decryption issue but there is problem with transmiting a bigger data loads. What can be behind this "faild authentication"? Any infrastructure problem? Both ASA's are physically connected on some switch. Any ideas?

Thank you!



This Discussion