I have an ASA sitting behind a DSL modem. ASA gets its outside address from dls model through DHCP.
Set for nat-traversal with crypto isakmp nat-traversal command. set the keep alive to 300 seconds.
The isakmp debug shows me its getting the peer shared key from the central site , but it keeps queing the message for processing and never brings up the tunnel, just seems stuck in phase 1. everything seems correct.
I have re entered pre-shared-key, and cleared sa's afterwards and still getting same response.
Anybody know something i should check.