We are trying to establish a site-site VPN between a Cisco831 and an ASA5510.
I've attached the config files of both units and the error file from the ASA.
on the 831, we get:
*Mar 19 22:17:48.743: %CRYPTO-6-IKMP_MODE_FAILURE: Processing of Quick mode failed with peer at 22.214.171.124
I can't seem to find out where the problem is. Could anyone help out please?
The Crypto IPSEC ACL are not matching on the ASA and 831 router.
access-list outside_1_cryptomap extended permit ip 172.30.1.0 255.255.255.0 192.168.13.0 255.255.255.0
access-list 100 permit ip 10.0.0.0 0.255.255.255 172.30.0.0 0.0.255.255
access-list 100 permit ip 192.168.13.0 0.0.0.255 172.30.0.0 0.0.0.255
Make sure that you configure the IPSEC ACLs to be mirror images of each other and then bring up the tunnel. After you make the changes, do update your NAT 0 command accordingly.
*Pls rate if it helps*
try adding this to the ASA..
crypto map outside_map 1 set pfs