Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN unknown reason

I am having an issue connecting a VPN to a Cisco concentrator from a router. Whenever I try and initiate the connection I get an unknown delete reason. Any help would be appreciated.

log

001106: *Feb 17 13:49:21.438 UTC: ISAKMP (0:268435463): received packet from (remote-router) dport 500 sport 500 Global (I) QM_IDLE

001107: *Feb 17 13:49:21.442 UTC: ISAKMP: set new node 1710382098 to QM_IDLE

001108: *Feb 17 13:49:21.442 UTC: CryptoEngine0: CRYPTO_ISA_IKE_DECRYPT(hw)(ipsec)

001109: *Feb 17 13:49:21.442 UTC: CryptoEngine0: generate hmac context for conn id 7

001110: *Feb 17 13:49:21.442 UTC: CryptoEngine0: CRYPTO_ISA_IKE_HMAC(hw)(ipsec)

001111: *Feb 17 13:49:21.442 UTC: ISAKMP:(0:7:HW:2): processing HASH payload. message ID = 1710382098

001112: *Feb 17 13:49:21.442 UTC: ISAKMP:received payload type 18

001113: *Feb 17 13:49:21.442 UTC: ISAKMP:(0:7:HW:2): processing DELETE_WITH_REASON payload, message ID = 1710382098, reason: Unknown delete reason!

001114: *Feb 17 13:49:21.442 UTC: ISAKMP:(0:7:HW:2):peer does not do paranoid keepalives.

001115: *Feb 17 13:49:21.442 UTC: ISAKMP:(0:7:HW:2):deleting SA reason "No error" state (I) QM_IDLE

1 REPLY
Silver

Re: VPN unknown reason

In most cases, IPSec VPN traffic does not pass through ISA Server 2000. However, Cisco Concentrator 3300, with the latest firmware updates, uses "transparent tunneling" that uses User Datagram Protocol (UDP) ports 500, 4500, and 10000 to communicate securely between VPN clients and concentrators. By creating these protocol definitions, you enable the SecureNat client to connect to the Cisco VPN server through ISA Server as all traffic is passed as UDP traffic. According to the Cisco Transparent tunneling technology, this traffic can traverse Network Address Translation (NAT) firewalls

354
Views
0
Helpful
1
Replies
CreatePlease login to create content