VPN L2L phase 2 problem

Unanswered Question
Nov 17th, 2008
User Badges:

Please what can be the reason of this error message:


%PIX|ASA-3-713119: PHASE 1 COMPLETED


%PIX|ASA-5-713050: Connection terminated for peer IP_address. Reason: termination reason Remote Proxy IP_address, Local Proxy IP_address

This message indicates the termination of an IPSec tunnel.


%PIX|ASA-7-713900:Descriptive_event_string.

%PIX|ASA-3-713902 descriptive_event_string


Best regards,

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Mon, 11/17/2008 - 07:44
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Omar


It sounds like you may have a mismatch in your crypto access-lists. Could you possibly post the relevant bits of information from each device.


If not check that your crypto-map access-list on each device is a mirror image eg.


If you had this on the Pix


access-list vpntraffic permit ip 192.168.5.0 255.255.255.0 172.16.5.0 255.255.255.0


then on the ASA you would need


access-list vpntraffic permit ip 172.16.5.0 255.255.255.0 192.168.5.0 255.255.255.0


Jon

Actions

This Discussion