Site-to-Site VPN between Linksys AG241 and Cisco ASA5520

Unanswered Question
Jun 5th, 2010

Hi Everyone,

I try to configure Site-to-Site VPN between Linksys AG241 and Cisco ASA5520 but I still cannot bring it up for many weeks. Topology as below

Cisco ASA5520 (Fix IP) ----- ADSL Network ----- Linksys AG241 (Dynamic IP)

Attached files is configuration on both ASA and Linksys. Please help suggest me for the solution.



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Marcin Latosiewicz Sat, 06/05/2010 - 02:48


Can you do deb cry isa 100 and deb cry ipsec 100 on the ASA and initate a connection?

If concerned about too much debugs - "debug crypto condition peer ...."

I'm interested to see where negotiation is failing - granted I have not taken a look at the linksys device.


komsakchim Sat, 06/05/2010 - 03:02


Unfortunately that I forget to capture debug log from ASA. I've only old version of debug log (as attached file) when I first setting up but it different with existing configuration on both ASA and Linksys.

I will continue setup it on 7 June then I will capture debug information as you mention.


Marcin Latosiewicz Sun, 06/06/2010 - 00:25


Indeed messages are not too informative but they indicate a problem wit decoding quick mode messages or similar.

Fresh debugs would be appreciated


komsakchim Sun, 06/13/2010 - 07:19


I already solve the problem. The problem is I configure preshared-key on wrong tunnel-group. I configured on DefaultRAGroup but the correct one should be on DefaultL2LGroup.



This Discussion