Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
501
Views
0
Helpful
2
Replies

The strangest ISAKMP debug message ever ...?

mchard
Level 1
Level 1

‎01-22-2002 02:44 PM - edited ‎03-08-2019 09:38 PM

We have set up 2 x 827 ADSL routers with IPSEC to provide a VPN between 2 private networks. At present we can ping from hosts on one network to another, but not in the reverse direction. We have also come across an even stranger debug message :- 2d01h: ISAKMP (0:1): deleting SA reason "He''s expired! He''s lost his perch! He''s an ex-parrot!" state (R) QM_IDLE The IOS version for both routers is :- IOS (tm) C820 Software (C820-OSY656I-M), Version 12.1(3)XG1, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1) TAC:Home:SW:IOS:Specials for info.

We have excluded NAT translation for traffic between the private networks.

Any ideas ???

Labels:
0 Helpful
2 Replies 2

ali-franks
Level 1
Level 1

‎01-23-2002 03:17 AM

hehehe

Hi Matthew

Just a quick stab as I'v enot the time right now to look at this.....

Could be that the ACL allowing ESP,AHP and ISAKMP on one router is incorrect? i.e. the addresses are about face?

Ali

0 Helpful

kasey.hohenbrink
Level 1
Level 1

‎01-27-2002 08:04 PM

exclude the outside address as well. chances are that you are natting the outside address.

0 Helpful
Customers Also Viewed These Support Documents