Cisco Support Community
Community Member

VPN Problem - Send Errors incrementing no phase 2 negotiation

Hi,

I have an issue where there is no phase 2 being negotiated for a specific subnet. I have checked that the policies match on the ipsec config, which they do, and timers etc. Everything looks OK but the router refuses to encrypt any traffic even though it is hitting the ACL. The incrementing errors definitely point to a Phase negotiation issue.

Please find Debug, router config and sh ipsec sa for the problem subnet attached.

Cheers

Kev

2 REPLIES
Community Member

Re: VPN Problem - Send Errors incrementing no phase 2 negotiatio

Attached.

Community Member

Re: VPN Problem - Send Errors incrementing no phase 2 negotiatio

Resolved this with more specific subnets in the encryption domain.

Sorted.
