Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

LAN-to-LAN VPN using Cisco 2621 router to VPN 3030 Concentrator

Hi,

I am trying to create a LAN-to-LAN VPN session between a 2621 router [IOS ver: 12.2.8(T4)] and 3030 Concentrator [3.6.7B ] using pre-shared keys [3DES, SHA & DH Group-2]. However, the tunnel does not come up and the session negotiation does not seem to go beyond Phase1-IKE. So far, I have not seen any bugs for this.

Shown below are some of the outputs from debugging IKE & IPSec:

1. ISAKMP (0:2): peer does not do paranoid keepalives.

2. ISAKMP (0:2): deleting SA reason "death by retransmission P2"

state (I) MM_KEY_EXCH (peer x.x.x.x) input queue 0

3. ISAKMP (0:2): processing vendor id payload, vendor ID seems

Unity/DPD but bad major

Please advise.

Thanks,

RAJ

1 REPLY
New Member

Re: LAN-to-LAN VPN using Cisco 2621 router to VPN 3030 Concentra

Try use Group1 instead of Group2. I encountered the same interoperability problem with D-H group before but can not remember what was the BUG ID regarding D-H group issue.

Hope that help,

Engel

266
Views
0
Helpful
1
Replies
CreatePlease to create content