Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ASA 5510 VPN Remote Access problems

HI,

I have configured a VPN remote access in my ASA 5510 with the following situation: The remote client connects to ASA and receive an ip. The connection authenticates perfectly but the traffic doesn't work. I saw ASA's log and got the following answer from it: 713042: IKE Initiator unable to find policy: Intf 1, Src: 192.168.1.51, Dst: 192.168.2.129. I checked it and the configurations seemed to be correct.

Could anyone help my solve this problem?

ip local pool HLG-VPN-POOL 192.168.2.129-192.168.2.190 mask 255.255.255.192

group-policy HLG-VPN internal

group-policy HLG-VPN attributes

split-tunnel-policy tunnelspecified

split-tunnel-network-list value HLG-VPN_splitTunnelAcl

dns-server value 192.168.1.51 192.168.1.50

default-domain value hlg.com

tunnel-group HLG-VPN type ipsec-ra

tunnel-group HLG-VPN general-attributes

default-group-policy HLG-VPN

authentication-server-group ACS

address-pool HLG-VPN-POOL

tunnel-group HLG-VPN ipsec-attributes

pre-shared-key *

crypto dynamic-map dynmap 150 set transform-set ESP-3DES-MD5

crypto dynamic-map dynmap 150 set security-association lifetime seconds 28800 kilobytes 4608000

no crypto dynamic-map dynmap 150 set nat-t-disable

no crypto dynamic-map dynmap 150 set reverse-route

crypto map ipsec_map interface outside

2 REPLIES
Silver

Re: ASA 5510 VPN Remote Access problems

Error Message %PIX|ASA-3-713042: IKE Initiator unable to find policy: Intf

interface_number, Src: source_address, Dst: dest_address

Explanation This message indicates that the IPSec fast path processed a packet that triggered IKE, but IKE's policy lookup failed. This error could be timing related. The ACLs that triggered IKE might have been deleted before IKE processed the initiation request. This problem will most likely correct itself.

Explanation If the condition persists, check the L2L configuration, paying special attention to the ACLs associated with crypto maps.

check this link:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00805734ae.shtml

New Member

Re: ASA 5510 VPN Remote Access problems

I had fix with 7.2(2)

437
Views
0
Helpful
2
Replies
CreatePlease to create content