Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN Error messages

I am running an ASA 5510 with software version 7.2 installed and VPN set up. From a functional standpoint, VPN appears to be working fine- users can connect and access the network and internet properly. However, whenever someone is connected, I get a load of messages in the log like the following:

3 Dec 04 2006 08:58:24 713042 IKE Initiator unable to find policy: Intf inside, Src:, Dst:

10.8.1.x is the subnet that is assigned to the VPN clients. I know the description for this error says that it is "probably timing related and will most likely correct itself", but I continue to get these whenever someone is connected. Considering that when the user is connected using the cisco client, everything appears to work, it would seem that this is primarily a cosmetic issue, but I would like to get it fixed so it stops filling up my logs.

On a potentially related note, if I attempt to connect using the Apple VPN client (which uses the MS chap protocol) it also appears to connect properly, but throws the same string of errors. The difference is that while the cisco client still appears to function properly, the apple client does not- could this be a more extreme symptom of the same problem, exacerbated by the protocol being used? Thanks for any assistance that can be provided on either or both of these errors.


Re: VPN Error messages

seems like traffic is only going one direction in the L2L tunnel.

New Member

Re: VPN Error messages

Makes sense, except that it is an ipsec-ra tunnel, not an ipsec-L2L tunnel. Unless of course, I'm just not understanding the terminology, which is entirely possible. Either way, how might I go about fixing the issue? Thanks for the response!


CreatePlease to create content