06-05-2010 02:34 AM
Hi Everyone,
I try to configure Site-to-Site VPN between Linksys AG241 and Cisco ASA5520 but I still cannot bring it up for many weeks. Topology as below
Cisco ASA5520 (Fix IP) ----- ADSL Network ----- Linksys AG241 (Dynamic IP)
Attached files is configuration on both ASA and Linksys. Please help suggest me for the solution.
Cheer,
Chim
06-05-2010 02:48 AM
Chim,
Can you do deb cry isa 100 and deb cry ipsec 100 on the ASA and initate a connection?
If concerned about too much debugs - "debug crypto condition peer ...."
I'm interested to see where negotiation is failing - granted I have not taken a look at the linksys device.
Marcin
06-05-2010 03:02 AM
Marcin,
Unfortunately that I forget to capture debug log from ASA. I've only old version of debug log (as attached file) when I first setting up but it different with existing configuration on both ASA and Linksys.
I will continue setup it on 7 June then I will capture debug information as you mention.
Chim
06-06-2010 12:25 AM
Chim,
Indeed messages are not too informative but they indicate a problem wit decoding quick mode messages or similar.
Fresh debugs would be appreciated
Marcin
06-13-2010 07:19 AM
Marcin,
I already solve the problem. The problem is I configure preshared-key on wrong tunnel-group. I configured on DefaultRAGroup but the correct one should be on DefaultL2LGroup.
Chim
06-13-2010 07:23 AM
Chim, good to know!
All the best.
Marcin
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide