Dynamic IPSec VPN btw Cisco ASA & Juniper Firewall !!!

Unanswered Question
Jan 28th, 2010
User Badges:

Hi Guys,


I am trying to setup the Dynamic IPSec VPN tunnel btw Cisco ASA (having Dynamic IP Address) & Juniper Firewall (having Static IP Address)....


But, the tunnel is not coimung up & i am getting this logs on ASA, (Logs are attached as an attachment)


-------------------------------------------------------------------------------------------------------------

ASA(config)# sh crypto isakmp sa


3   IKE Peer: X.Y.Z.Z

    Type    : user            Role    : initiator
    Rekey   : no              State   : MM_WAIT_MSG2

ASA(config)#
------------------------------------------------------------------------------------------------------------

     

Any Idea please,


Regards,

Mubasher

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
pudawat Thu, 01/28/2010 - 17:48
User Badges:

HI,



The tunnel is showing MM_WAIT_MSG2 because it is waing for the peer devie to send proposals.


The packets from the peer device is not reaching ASA.


Try enabling NAT-T on both the devices




Regards,


Pradhuman

Actions

This Discussion