VPN not comming up

Unanswered Question
Jul 13th, 2008

my vpn not comming up i have checked the plicies which is ok. my one end is cisco 611 and other is Netscreen.

i am getting the following error:

%CRYPTO-6-IKMP_MODE_FAILURE: Processing of Quick mode failed with peer at 203.x.x.244

This indicate that there is a phase 2 mismatch .but i have checehed the pame at both end.

my configuration which is same at both end.

My vpn is not comming up

Plz suggest me a solution

My config is as follows:

crypto isakmp policy 25

encr 3des

hash md5

authentication pre-share

group 2

crypto isakmp key TataMotorsIndia address 203.x.x.244



crypto ipsec transform-set mymap ah-md5-hmac esp-3des



crypto map tunnelmap 10 ipsec-isakmp

set peer

set transform-set mymap

match address 101

interface FastEthernet0/1

ip address 123.x.x.98

ip virtual-reassembly

duplex auto

speed auto

crypto map tunnelmap

access-list 101 permit ip host

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Daniel Voicu Sun, 07/13/2008 - 23:52


The problem is with the transform set.

no crypto ipsec transform-set mymap ah-md5-hmac esp-3des

crypto ipsec transform-set mymap esp-3des esp-md5-hmac

This will use only ESP for VPN, and the Phase 2 parameters are: 3DES, MD5

Please rate if this helped.




This Discussion