Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1291
Views
0
Helpful
2
Replies

ASA to PIX VPN Error 402120

dan.shalinsky
Level 1
Level 1

‎04-22-2008 07:27 AM - edited ‎02-21-2020 03:41 PM

Hi,

We're getting the error below (about 3000 per day) on an ASA5520 (7.2.2) when it receives L2L VPN traffic from a PIX-525 (6.3(5)140):

%ASA-4-402120: IPSEC: Received an ESP packet (SPI= 0xB8EE870D, sequence number= 0x534B0) from 10.10.50.4 (user= 10.10.50.4) to 10.10.62.4 that failed authentication.

Both ends are running failover mode. Could this be an issue between PIX-OS versions?

Thanks in advance.

-Dan

Labels:
0 Helpful
2 Replies 2

Radim Jurica
Level 1
Level 1

‎04-28-2009 12:07 AM

Hi,

we discovered same problem on L2L VPN between two ASA 8.0.4 - %ASA-4-402120: IPSEC: Received an ESP packet...that failed authentication. We have not only log/error decryption issue but there is problem with transmiting a bigger data loads. What can be behind this "faild authentication"? Any infrastructure problem? Both ASA's are physically connected on some switch. Any ideas?

Thank you!

Radim

0 Helpful

kdlittletree
Level 1
Level 1
In response to Radim Jurica

‎03-21-2011 11:56 AM

maybe it's this bug:

CSCsd34052

crash in isakmp_receiver thread during rekey from 7.x peer.

0 Helpful
Customers Also Viewed These Support Documents