your right, that was what it is. but the problem I have now is, i setup my 2 sensors for IPSec and did them both the same way. one works fine but the second gets "error - can not communicate with sensor". I did everything the same. and I have tried save --> update multiple times, and changes all the keys for both sensors and its just the one that seems to have the problem. I also checked the VPN client policy and everything looks right.the 4210 works fine but the 4230FE is the one having the prob.
When setting up IPSec on more than one sensor you need to define a new tunnel template for each sensor.
Here are the steps:
1) Setup IPSec on the first sensor as usual, using the "Highly Secure Manual/IDS Encrypted" template.
2) Before setting up IPSec on the second sensor, you must add a new manual tunnel template. Right click the Highly Secure Manual folder node under IPSec Tunnel Templates and create a new Manual Tunnel Template.
3) Click the template's "Protocol" tab and create a New Proposal selecting the "ESP (HMAC-MD5, DES-CBC)" protocol.
4) Setup IPSec on the second sensor selecting this new tunnel group in the senor's "Use secure IPSec with template" dropdown box on the Control panel.
5) This will cause a new IPSec Tunnel Group node to appear under Network policy.
Use this new group to specify the manual key values.
6) After pressing Update, be sure to issue both of the IPSectool commands that appear on the command panel of the sensor nodes for both sensors.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...