04-05-2010 12:37 PM - edited 03-11-2019 10:29 AM
I have setup a site to to site VPN tunnel with another company and they are not using an ASA - I am bit new to this and i have encountered an issue that you gurus would resolve in a minute.
The tunnel is up and working but when the guy at the other ends tries to RDP to a serve on my side he cannot connect
I ran the debug util and saw his IP address and captured the error - see below
type 8 code 0 denied due to nat reverse path failure
I am really not sure how to resolve - any easy help would be great as i am really stuck
Cheers this is my 1st Post !!
04-05-2010 03:08 PM
Hi Steve
There are two access lists used in a typical IPsec VPN configuration. One access list is used to exempt traffic that is destined for the VPN tunnel from the NAT process. The other access list defines what traffic to encrypt, be sure that you have configured all of the access lists necessary to complete your IPsec VPN configuration and that those access lists define the correct traffic. Are you able to post the ACL's.
Crypto and no Nat statements.
Regards MJ
04-06-2010 03:16 AM
Thanks I done some more digging and get an error
%ASA-3-713042: IKE Initiator unable to find policy: Intf outside, Src:*.*.*
Error Message
%ASA-3-713042: IKE Initiator unable to find policy: Intf interface_number, Src: source_address, Dst: dest_address
Explanation
This message indicates that the IPsec fast path processed a packet that triggered IKE, but IKE's policy lookup failed. This error could be timing related. The ACLs that triggered IKE might have been deleted before IKE processed the initiation request. This problem will most likely correct itself.
Recommended Action
If the condition persists, check the L2L configuration, paying special attention to the type of ACL associated with crypto maps.
will have to look at it further
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide