I'm trying to setup an easy VPN between Cisco ASA 5520 8.0(3)6 and Cisco 857 Router 12.4(15)T7 C850-ADVSECURITYK9-M.
Firewall has permanent public IP configuration and it acts as easy vpn server and router doesn't have permanent public IP assigned and it acts as easy vpn client.
I've attached configurations of both server (ASA5520) and client (c857)
When I do sh cry ipsec client ezvpn on the router
I get this:
Easy VPN Remote Phase: 6
Tunnel name : ASA
Inside interface list: Vlan1
Outside interface: Dialer0
Current State: SS_OPEN
Last Event: SOCKET_READY
DNS Primary: 220.127.116.11
DNS Secondary: 10.46.2.202
Save Password: Allowed
when I do sh crypto isakmp sa on firewall I get the following:
Active SA: 1
Rekey SA: 0 (A tunnel will report 1 Active and 1 Rekey SA during rekey)
Total IKE SA: 1
1 IKE Peer: xxx.xx.xxx.xx
Type : user Role : responder
Rekey : no State : AM_TM_INIT_MODECFG_V6H
when I do sh crypto isakmp sa on the router I get the following:
IPv4 Crypto ISAKMP SA
dst src state conn-id slot status
xxx.xxx.xx.x yyy.yy.yyy.yy QM_IDLE 2038 0 ACTIVE
xxx.xxx.xx.x yyy.yy.yyy.yy MM_NO_STATE 2037 0 ACTIVE (deleted)
xxx.xxx.xx.x yyy.yy.yyy.yy MM_NO_STATE 2036 0 ACTIVE (deleted)
xxx.xxx.xx.x yyy.yy.yyy.yy MM_NO_STATE 2035 0 ACTIVE (deleted)
I'm stuck at this point.
Your help is much appreciated.