VPN IPSEC

Unanswered Question
Feb 7th, 2009

Dear All,

I have got ASA 5510 with 7.0 Version. i created a IPSEC site to site vpn, when i ping, i can see IKE tunnel 1 on asdm n then i get an error of QM FSM....

I have done the configuration through ASDM only.How can i define these strings as this configuration i recive from the other side,

ISAKMP lifetime (phase 1)= 1440 minutes

SA (phase 2)= 7200 seconds

DPD= disabled

COMPRESSION= disabled

PFS= disabled

Can anyone help to me solve this issue and i wanna do it through ASDM.

Thanks & Regards,

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
cdusio Sat, 02/07/2009 - 04:56

In the logs on ASDM you should see if there is something failing. Usually it will tell you if you are passign phase 1 and then you are on to phase 2. that's the first issue. If you are not passing phase 1 then your IKE parameters don't match on both sides. So make sure they do then you should be able to pass phase 1. Then Phase 2 is IPSec parameters..

HTH

Actions

This Discussion