Site-to-Site VPN between Linksys AG241 and Cisco ASA5520

komsakchim · ‎06-05-2010

Hi Everyone,

I try to configure Site-to-Site VPN between Linksys AG241 and Cisco ASA5520 but I still cannot bring it up for many weeks. Topology as below

Cisco ASA5520 (Fix IP) ----- ADSL Network ----- Linksys AG241 (Dynamic IP)

Attached files is configuration on both ASA and Linksys. Please help suggest me for the solution.

Cheer,

Chim

Marcin Latosiewicz · ‎06-05-2010

Chim,

Can you do deb cry isa 100 and deb cry ipsec 100 on the ASA and initate a connection?

If concerned about too much debugs - "debug crypto condition peer ...."

I'm interested to see where negotiation is failing - granted I have not taken a look at the linksys device.

Marcin

komsakchim · ‎06-05-2010

Marcin,

Unfortunately that I forget to capture debug log from ASA. I've only old version of debug log (as attached file) when I first setting up but it different with existing configuration on both ASA and Linksys.

I will continue setup it on 7 June then I will capture debug information as you mention.

Chim

Marcin Latosiewicz · ‎06-06-2010

Chim,

Indeed messages are not too informative but they indicate a problem wit decoding quick mode messages or similar.

Fresh debugs would be appreciated

Marcin

komsakchim · ‎06-13-2010

Marcin,

I already solve the problem. The problem is I configure preshared-key on wrong tunnel-group. I configured on DefaultRAGroup but the correct one should be on DefaultL2LGroup.

Chim

Marcin Latosiewicz · ‎06-13-2010

Chim, good to know!

All the best.

Marcin