Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
357
Views
0
Helpful
1
Replies

ISR 2851 L2L VPN WITH ASA5505

jorrellp
Level 1
Level 1

‎03-10-2010 09:13 AM

Hi Guys,

We have an existing L2L VPN tunnel with five other sites using an ASA5505 firewall. 

Recently, we deployed 5 more firewall to our additional sites, but this time VPN doesn't work.

Our configuration is a mirror of our existing 5505s except for the local subnet and the global IP add.

I have tried to debug the problem by using:

  • debug crypto isakmp—Displays the ISAKMP           negotiations of Phase 1.

  • debug crypto ipsec—Displays the IPsec           negotiations of Phase 2.

and still not getting any viable information.

My question is:

  1. Is there a known issue or limitation with ISR2851 IOS ver 12.4(24)T regarding L2L VPN?

  2. Should I upgrade to the latest and greatest, which is ver 15.1(1)XB (ED)?
  3. What other IPSec CLI or switches could I use to refine my debugging commands?

Your help is greatly appreciated.

Thanks.

JP

Labels:
0 Helpful
1 Reply 1

paolo bevilacqua
Hall of Fame
Hall of Fame

‎03-10-2010 11:55 AM

Why you blame the router? Most often these things are due to oversights.

Send the debugs here, just remove public addresses.

0 Helpful
Customers Also Viewed These Support Documents