Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

ASA5520 VPN upgrade problems

I just upgraded my ASA5520 from version 7.0(1) to 7.1(2) to 7.2(2). Prior to upgrade I had a static VPN connection to a service provider's Cisco firewall. I also have configured dynamic vpns from cisco vpn clients to access our network via the 5520. Since the software upgrade, the service providers connection still works, but now my dynamic cisco VPN connectsion receive the following error:

IKE initiator: unable to find policy: Intf outside, Src: xxx.xxx.xxx.xxx, Dst yyy.yyy.yyy.y

If I put the IP of the VPN client's internet accessing the ASA into the PEER in place of the Sevice providers IP, the VPN client works.

Anyone have suggestions on how to allow the Static VPN connection to continue to work and allow dynamic VPN connections from any host to connect as they did in the 7.0(1) version? All was working well before upgrading the ASA software.

1 REPLY
Community Member

Re: ASA5520 VPN upgrade problems

The following links provides a configuration example for Configuring PIX-to-Router Dynamic-to-Static IPSec With NAT

http://cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080094a87.shtml

112
Views
0
Helpful
1
Replies
CreatePlease to create content