08-19-2008 08:18 AM - edited 02-21-2020 03:53 PM
Hi,
I have an environment with ISA and ISA server 2004 and I am trying to create a vpn site-to-site between them, the tunnel is created as output of command "sh isakmp sa," but not anything happening in the tunnel, or the ping command or via terminal services that the tests that were performed, ISA server logs shows the connection initiate but not complete, I am called support to open in microsoft to investigate but would like to think of you below the topology and settings already checked several times in the settings ASA and ISA Server are identical in both the policies of IPSEC and IKE, if anyone have any idea of what might be wrong now thank you.
asa# sh isakmp sa
Active SA: 1
Rekey SA: 0 (A tunnel will report 1 Active and 1 Rekey SA during rekey)
Total IKE SA: 1
1 IKE Peer: 10.0.0.167
Type : L2L Role : initiator
Rekey : no State : MM_ACTIVE
asa#
regards.
08-20-2008 01:50 AM
Ricardo,
Try removing pfs - no crypto map outside_map 2 set pfs
Also post the output of:-
show crypto ispec sa
HTH>
08-22-2008 06:51 AM
hi andrew
i remove full settings and create settings again its working. thanks andrew
regards
08-22-2008 06:56 AM
np - glad to help.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: