Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
574
Views
0
Helpful
1
Replies

IPSEC site-to-site Question

chinglee99
Level 1
Level 1

‎09-29-2009 07:05 PM - edited ‎02-21-2020 04:20 PM

Hi!

We are getting this:

IPSEC: Completed outbound permit rule, SPI 0xEE01F27D    Rule ID: 0xCC8CDEE0 IPSEC: No user rule added. No intersection between destination source networks (172.18.0.0/255.255.0.0) and (172.30.20.0/255.255.255.0). IPSEC: New outbound user deny rule, SPI 0xEE01F27D

IPSEC: New outbound user implicit deny rule, SPI 0xEE01F27D

It's denying traffic on the SA. What does it mean when it says No intersection between destination source networks? Any help is greatly appreciated!

Labels:
0 Helpful
1 Reply 1

dhananjoy chowdhury
Level 5
Level 5

‎09-30-2009 06:54 AM

Hi,

Did you configure any kind of auth-proxy on the device for outgoing traffic?

If so check if the contents of the auth-proxy ACL doesn't conflict with crypto ACL

0 Helpful
Customers Also Viewed These Support Documents