We bit the bullet and upgraded our ASAs at the DC to 8.4.3. It has been an interesting ride but one issue that we haven't been able to sort out is trouble with Easy VPN. We have about 15 sites that utilize easy vpn via ASA 5505s running 8.2.1 or 8.2.5. Since the upgrade we experience disconnects of the Easy VPN sessions with the ASAs that run 8.4.3. This typically happens in waves where we loose most of the EasyVPN clients but not all of them. Any suggestions on where to start troubleshooting this? I did see the following errors message for each of the remote ASAs that lost connection.
Mar 22 2012 10:59:53 HRTASA : %ASA-4-402117: IPSEC: Received a non-IPSec packet (protocol= UDP) from <IP ADDRESS> to <IP ADDRESS>.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...