Dynamic IPSec VPN btw Cisco ASA & Juniper Firewall !!!

Unanswered Question
Jan 28th, 2010

Hi Guys,

I am trying to setup the Dynamic IPSec VPN tunnel btw Cisco ASA (having Dynamic IP Address) & Juniper Firewall (having Static IP Address)....

But, the tunnel is not coimung up & i am getting this logs on ASA, (Logs are attached as an attachment)

-------------------------------------------------------------------------------------------------------------

ASA(config)# sh crypto isakmp sa

3   IKE Peer: X.Y.Z.Z

    Type    : user            Role    : initiator
    Rekey   : no              State   : MM_WAIT_MSG2

ASA(config)#
------------------------------------------------------------------------------------------------------------

     

Any Idea please,

Regards,

Mubasher

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
pudawat Thu, 01/28/2010 - 17:48

HI,

The tunnel is showing MM_WAIT_MSG2 because it is waing for the peer devie to send proposals.

The packets from the peer device is not reaching ASA.

Try enabling NAT-T on both the devices

Regards,

Pradhuman

Actions

This Discussion