Thanx for your reply when i give debug cryto isakmp sa i am getting follwoing message
e5t-pf-sprint(config)# Aug 12 00:16:22 [IKEv1 DEBUG]: Pitcher: received a key acquire message, spi 0x0 Aug 12 00:16:22 [IKEv1]: IP = 207.x.x.x, IKE Initiator: New Phase 1, Intf inside, IKE Peer 207.x.xx local Proxy Address .x98.x.x, remote Proxy Address x.x.x.0, Crypto map Aug 12 00:16:22 [IKEv1 DEBUG]: IP = x.x.x.x, constructing ISAKMP SA payload Aug 12 00:16:22 [IKEv1 DEBUG]: IP = x.x.x.x, constructing Fragmentation VID + extended capabilities payload Aug 12 00:16:22 [IKEv1]: IP = x.x.x.x, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108 Aug 12 00:16:24 [IKEv1 DEBUG]: Pitcher: received a key acquire message, spi 0x0 Aug 12 00:16:24 [IKEv1]: IP = x.x.x.x, Queuing KEY-ACQUIRE messages to be processed when P1 SA is complete. Aug 12 00:16:28 [IKEv1 DEBUG]: Pitcher: received a key acquire message, spi 0x0 + NONE (0) total length : 108 Aug 12 00:16:54 [IKEv1 DEBUG]: IP = 207.x.x.x, IKE MM Initiator FSM error history (struct &0x5085a20) , : MM_DONE, EV_ERROR-->MM_WAIT_MSG2, EV_RETRY-->MM_WAIT_MSG2, EV_TIMEOUT-->MM_WAIT_MSG2, NullEvent-->MM_SND_MSG1, EV_SND_MSG-->MM_SND_MSG1, EV_START_TMR-->MM_SND_MSG1, EV_RESEND_MSG-->MM_WAIT_MSG2, EV_RETRY Aug 12 00:16:54 [IKEv1 DEBUG]: IP = 207.0.x.x, IKE SA MM:15e2aabd terminating: flags 0x01000022, refcnt 0, tuncnt 0 Aug 12 00:16:54 [IKEv1 DEBUG]: IP = 207.x.x, sending delete/delete with reason message Aug 12 00:16:54 [IKEv1]: IP = 207.x.x.x, Removing peer from peer table failed, no match! Aug 12 00:16:54 [IKEv1]: IP = 207.x.x.x, Error: Unable to remove PeerTblEntry
wht does FSM error history ..
i will post u capture comands , i am have enable syspot connection permit-vpn. could you help me over here
yes i have active tunnel connection to other location at site B ,
similarly i have done capture command for outside interface i dont see any traffic for 500 which recieving to my firerwall or my firewall is sending out , similarly i have binded capture acl to inbound direction of outside interface .
similalry by using my ISP connection i can use vpn dialer to connect to my HO ..
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...