Classic but annoying problem with site to site VPN

Unanswered Question
Apr 22nd, 2009
User Badges:

Hi, when trying to connect two cisco routers through VPN, the only debug I have after activating it for crypto isakmp error, ipsec error and crypto engine is :


*Apr 22 14:31:31.672: ISAKMP:(0:0:N/A:0): construct_initial_message: Can not start Main mode

*Apr 22 14:32:01.788: ISAKMP:(0:0:N/A:0):No pre-shared key with 213.127.94.36!

*Apr 22 14:32:01.792: ISAKMP:(0:0:N/A:0): No Cert or pre-shared address key.

*Apr 22 14:32:01.792: ISAKMP:(0:0:N/A:0): construct_initial_message: Can not start Main mode



I'm driving nuts cause I had lots of problems on the past but I never seen this kind of error. I know is not, but by my point of VPN view everything is right in front of my eyes. Do you know this kind of problem ?



Thank you so much.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
vmoopeung Tue, 04/28/2009 - 13:24
User Badges:
  • Bronze, 100 points or more

Do not use isakmp profile/keyring and use regular pre-shared key with FQDN

example: crypto isakmp key cisco hostname testhost.testdomain.com


Actions

This Discussion