Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

The strangest ISAKMP debug message ever ...?

We have set up 2 x 827 ADSL routers with IPSEC to provide a VPN between 2 private networks. At present we can ping from hosts on one network to another, but not in the reverse direction. We have also come across an even stranger debug message :- 2d01h: ISAKMP (0:1): deleting SA reason "He''s expired! He''s lost his perch! He''s an ex-parrot!" state (R) QM_IDLE The IOS version for both routers is :- IOS (tm) C820 Software (C820-OSY656I-M), Version 12.1(3)XG1, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1) TAC:Home:SW:IOS:Specials for info.

We have excluded NAT translation for traffic between the private networks.

Any ideas ???

2 REPLIES
New Member

Re: The strangest ISAKMP debug message ever ...?

hehehe

Hi Matthew

Just a quick stab as I'v enot the time right now to look at this.....

Could be that the ACL allowing ESP,AHP and ISAKMP on one router is incorrect? i.e. the addresses are about face?

Ali

New Member

Re: The strangest ISAKMP debug message ever ...?

exclude the outside address as well. chances are that you are natting the outside address.

102
Views
0
Helpful
2
Replies
CreatePlease login to create content