VPN Tunnel between ASA and ISA Server 2004

r-barbosa · ‎08-19-2008

Hi,

I have an environment with ISA and ISA server 2004 and I am trying to create a vpn site-to-site between them, the tunnel is created as output of command "sh isakmp sa," but not anything happening in the tunnel, or the ping command or via terminal services that the tests that were performed, ISA server logs shows the connection initiate but not complete, I am called support to open in microsoft to investigate but would like to think of you below the topology and settings already checked several times in the settings ASA and ISA Server are identical in both the policies of IPSEC and IKE, if anyone have any idea of what might be wrong now thank you.

asa# sh isakmp sa

Active SA: 1

Rekey SA: 0 (A tunnel will report 1 Active and 1 Rekey SA during rekey)

Total IKE SA: 1

1 IKE Peer: 10.0.0.167

Type : L2L Role : initiator

Rekey : no State : MM_ACTIVE

asa#

regards.

andrew.prince · ‎08-20-2008

Ricardo,

Try removing pfs - no crypto map outside_map 2 set pfs

Also post the output of:-

show crypto ispec sa

HTH>

r-barbosa · ‎08-22-2008

hi andrew

i remove full settings and create settings again its working. thanks andrew

regards

andrew.prince · ‎08-22-2008

np - glad to help.