I just upgraded my ASA5520 from version 7.0(1) to 7.1(2) to 7.2(2). Prior to upgrade I had a static VPN connection to a service provider's Cisco firewall. I also have configured dynamic vpns from cisco vpn clients to access our network via the 5520. Since the software upgrade, the service providers connection still works, but now my dynamic cisco VPN connectsion receive the following error:
IKE initiator: unable to find policy: Intf outside, Src: xxx.xxx.xxx.xxx, Dst yyy.yyy.yyy.y
If I put the IP of the VPN client's internet accessing the ASA into the PEER in place of the Sevice providers IP, the VPN client works.
Anyone have suggestions on how to allow the Static VPN connection to continue to work and allow dynamic VPN connections from any host to connect as they did in the 7.0(1) version? All was working well before upgrading the ASA software.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...