VPN Problem - Send Errors incrementing no phase 2 negotiation

Unanswered Question
Sep 9th, 2008
User Badges:


I have an issue were there is no phase 2 being negotiated for a specific subnet. I have checked that the policys match on the ipsec config which they do and timers etc. Everything looks ok but the router refuses to encrypt any traffic even though it is hitting the ACL. The incrementing errors definately point to a Phase negotiatiation issue.

Please find Debug, router config and sh ipsec sa for the problem subnet attached.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
kevinhobson2000 Wed, 09/10/2008 - 00:19
User Badges:

Resolved this with more specific subnets in the encryption domain.



This Discussion