
VPN Tunnel Error

Pwcjayhawk1
Level 1

I have successfully established a site-to-site VPN tunnel with a Cisco ASA 5505 and a Symantec Gateway 460R. However, the Cisco ASA log is pushing out tons of this severity 4 log message:

"IPSEC: Received an ESP packet (SPI= 0x5E4FE6BC, sequence number= 0xD7) from 24.249.107.28 (user= 24.249.107.28) to 24.124.37.98. The decapsulated inner packet doesn't match the negotiated policy in the SA. The packet specifies its destination as 63.149.181.130, its source as 10.4.167.105, and its protocol as 17. The SA specifies its local proxy as 192.168.1.0/255.255.255.0/0/0 and its remote_proxy as 10.4.167.0/255.255.255.0/0/0."

Any ideas what would be causing this?

Kev

3 Replies

ggilbert
Cisco Employee

Kev,

Check the ACL configured on the ASA 5505 to match with the Symantec gateway.

On your ASA, the ACL was configured between 192.168.1.x/24 network to 10.4.167.x/24 network. But the packet was received from the address 10.4.167.105 to the address 63.149.181.130, which I believe doesn't belong in your encryption ACL.

Seems like the packet that was received from the Symantec gateway does not match the ACL that is configured on the ASA 5505.

Which device has the IP Address 63.149.181.130?

Rate this post, if it helps.

Cheers

Gilbert

The 63.149.181.130 IP belongs to a company that hosts our data images, and it's quite regular for the PCs on the Symantec Gateway side to be communicating with it. The weird thing is that the 10.4.167.105 address is a domain controller, so somehow, communication with the 63.149.181.130 is being routed thru the domain controller and then sent over the encrypted VPN to the ASA 5505.

Kevin,

At least you know what is happening now and you can proceed in the right direction.

Rate this post, if it helps.

Cheers

Gilbert
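The comparison discussed in this thread can be automated when the log is full of these messages. The following is an added example, not part of the original posts: it parses the ASA message quoted above and reports which field of the decapsulated inner packet falls outside the SA's proxy identities. It assumes the proxy fields are ordered network/mask/protocol/port with 0 meaning "any"; the function and variable names are illustrative.

```python
import ipaddress
import re

# Log line quoted in the original post (ASA severity 4 message).
SAMPLE = ("IPSEC: Received an ESP packet (SPI= 0x5E4FE6BC, sequence number= 0xD7) "
          "from 24.249.107.28 (user= 24.249.107.28) to 24.124.37.98. The decapsulated "
          "inner packet doesn't match the negotiated policy in the SA. The packet "
          "specifies its destination as 63.149.181.130, its source as 10.4.167.105, "
          "and its protocol as 17. The SA specifies its local proxy as "
          "192.168.1.0/255.255.255.0/0/0 and its remote_proxy as "
          "10.4.167.0/255.255.255.0/0/0.")

PATTERN = re.compile(
    r"destination as (?P<dst>[\d.]+), its source as (?P<src>[\d.]+), "
    r"and its protocol as (?P<proto>\d+)\. The SA specifies its local proxy as "
    r"(?P<lnet>[\d.]+)/(?P<lmask>[\d.]+)/(?P<lproto>\d+)/\d+ "
    r"and its remote_proxy as (?P<rnet>[\d.]+)/(?P<rmask>[\d.]+)/(?P<rproto>\d+)/\d+")


def proxy_mismatches(line):
    """Return the reasons the inner packet fails the SA selectors, or None
    if the line is not a proxy-mismatch message. An empty list means the
    packet would have matched."""
    m = PATTERN.search(line)
    if m is None:
        return None
    # Assumption: proxy identity is network/mask/protocol/port, 0 = any.
    local = ipaddress.ip_network(f"{m['lnet']}/{m['lmask']}")
    remote = ipaddress.ip_network(f"{m['rnet']}/{m['rmask']}")
    src = ipaddress.ip_address(m["src"])
    dst = ipaddress.ip_address(m["dst"])
    proto = int(m["proto"])
    reasons = []
    # Traffic arriving through the tunnel originates behind the peer, so its
    # source must sit in the remote proxy and its destination in the local one.
    if src not in remote:
        reasons.append(f"source {src} outside remote proxy {remote}")
    if dst not in local:
        reasons.append(f"destination {dst} outside local proxy {local}")
    for side, sel in (("local", int(m["lproto"])), ("remote", int(m["rproto"]))):
        if sel not in (0, proto):
            reasons.append(f"protocol {proto} not allowed by {side} proxy ({sel})")
    return reasons


if __name__ == "__main__":
    for reason in proxy_mismatches(SAMPLE):
        print(reason)
```

For the quoted message, only the destination check fails: the source is inside the remote proxy, so the peer is encrypting traffic bound for an address the tunnel was never negotiated to carry.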
