01-16-2008 12:58 PM - edited 02-21-2020 01:52 AM
Im having issues getting ezvpn to work with my asa 5520. I can get L2L ipsec connections working and my vpn clients work but when I try an ezvpn connection the tunnel will come up for a second and then will disconnect. I am using a 3g wic for my connnection.
Im running ios 12.4(11)XV1.
Here are some logs from the asa:
713905 Group = fcb, IP = 99.203.249.159, No valid authentication type found for the tunnel group
113009 AAA retrieved default group policy (FBC-VPN) for user = fcb
713131 Group = fcb, IP = 99.203.249.159, Received unknown transaction mode attribute: 28692
713131 Group = fcb, IP = 99.203.249.159, Received unknown transaction mode attribute: 28693
713184 Group = fcb, IP = 99.203.249.159, Client Type: IOS Client Application Version: 12.4(11)XV1
713131 Group = fcb, IP = 99.203.249.159, Received unknown transaction mode attribute: 28695
713228 Group = fcb, IP = 99.203.249.159, Assigned private IP address 172.25.1.1 to remote user
713201 Group = fcb, IP = 99.203.249.159, Duplicate Phase 2 packet detected. Retransmitting last packet.
713201 Group = fcb, IP = 99.203.249.159, Duplicate Phase 2 packet detected. Retransmitting last packet.
713902 Group = fcb, IP = 99.203.249.159, Removing peer from peer table failed, no match!
713903 Group = fcb, IP = 99.203.249.159, Error: Unable to remove PeerTblEntry
713904 IP = 99.203.249.159, Received encrypted packet with no matching SA, dropping
01-22-2008 11:58 AM
Do you see the message "Cannot obtain an IP address for remote peer" following the message you have mentioned. In that you need to create an address pool and assign addresses to this pool.
01-23-2008 01:11 PM
713228 Group = fcb, IP = 99.203.249.159, Assigned private IP address 172.25.1.1 to remote user
the router is getting a client address.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: