VPN tunnel between Cisco 877 and ISA 2004 is up, but not routing

Unanswered Question
Jul 11th, 2008

Hi. I have currently got a tunnel up between our ISA box and our test Cisco 877. However we can't get traffic to route between the two.

Here are the results of the debug crypto ipsec. I can see an error message, but not sure what it means:

*Mar 2 18:10:49.941: IPSEC(validate_proposal_request): proposal part #1

*Mar 2 18:10:49.941: IPSEC(validate_proposal_request): proposal part #1,

(key eng. msg.) INBOUND local= y.y.y.y, remote= x.x.x.x,

local_proxy= 192.168.100.0/255.255.255.0/0/0 (type=4),

remote_proxy= x.x.x.x/255.255.255.255/0/0 (type=1),

protocol= ESP, transform= NONE (Tunnel),

lifedur= 0s and 0kb,

spi= 0x0(0), conn_id= 0, keysize= 0, flags= 0x0

*Mar 2 18:10:49.941: Crypto mapdb : proxy_match

src addr : 192.168.100.0

dst addr : x.x.x.x

protocol : 0

src port : 0

dst port : 0

*Mar 2 18:10:49.941: Crypto mapdb : proxy_match

src addr : 192.168.100.0

dst addr : x.x.x.x

protocol : 0

src port : 0

dst port : 0

*Mar 2 18:10:49.941: map_db_find_best did not find matching map

*Mar 2 18:10:49.941: IPSEC(ipsec_process_proposal): proxy identities not supported

Any ideas?

Thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion