08-04-2014 01:15 AM
Hi
I had the same error message as this link , But it is working for me connect through IPsec tunnel
https://supportforums.cisco.com/discussion/11234946/cisco-asa-vpn-error-processing-payload-payload-id-1
And My log only display tunnel disconnect below these
Aug 04 2014 15:48:25: %ASA-4-113019: Group = x.x.x.x, Username = x.x.x.x, IP = x.x.x.x, Session disconnected. Session Type: IPsec, Duration: 0h:30m:29s, Bytes xmt: 964, Bytes rcv: 1048, Reason: Idle Timeout
Aug 04 2014 16:00:05: %ASA-3-713048: IP = 203.69.54.253, Error processing payload: Payload ID: 1
Aug 04 2014 16:00:13: %ASA-3-713048: IP = 203.69.54.253, Error processing payload: Payload ID: 1
Aug 04 2014 16:00:21: %ASA-3-713048: IP = 203.69.54.253, Error processing payload: Payload ID: 1
Aug 04 2014 16:00:29: %ASA-3-713048: IP = 203.69.54.253, Error processing payload: Payload ID: 1
Aug 04 2014 16:01:20: %ASA-3-713048: IP = 203.69.54.253, Error processing payload: Payload ID: 1
Aug 04 2014 16:01:28: %ASA-3-713048: IP = 203.69.54.253, Error processing payload: Payload ID: 1
Aug 04 2014 16:01:36: %ASA-3-713048: IP = 203.69.54.253, Error processing payload: Payload ID: 1
Aug 04 2014 16:01:44: %ASA-3-713048: IP = 203.69.54.253, Error processing payload: Payload ID: 1
Aug 04 2014 16:02:35: %ASA-3-713048: IP = 203.69.54.253, Error processing payload: Payload ID: 1
Aug 04 2014 16:02:43: %ASA-3-713048: IP = 203.69.54.253, Error processing payload: Payload ID: 1
Aug 04 2014 16:02:51: %ASA-3-713048: IP = 203.69.54.253, Error processing payload: Payload ID: 1
Aug 04 2014 16:02:59: %ASA-3-713048: IP = 203.69.54.253, Error processing payload: Payload ID: 1
Aug 04 2014 16:03:50: %ASA-3-713048: IP = 203.69.54.253, Error processing payload: Payload ID: 1
What is the possbile problem ?
Thank a lot
Cloud
08-13-2014 03:30 AM
Hi,
This error generally it comes when no matching policy found for isakmp negotiation or missing NAT exemption statement.... this comes for client to site as well as site to site VPN's.....
If the Cisco VPN Clients or the Site-to-Site VPN are not able establish the tunnel with the remote-end device, check that the two peers contain the same encryption, hash, authentication, and Diffie-Hellman parameter values and when the remote peer policy specifies a lifetime less than or equal to the lifetime in the policy that the initiator sent. If the lifetimes are not identical, the security appliance uses the shorter lifetime. If no acceptable match exists, ISAKMP refuses negotiation, and the SA is not established.
"Error: Unable to remove Peer TblEntry, Removing peer from peer table failed, no match!"
Here is the detailed log message:
4|Mar 24 2010 10:21:50|713903: IP = X.X.X.X, Error: Unable to remove PeerTblEntry 3|Mar 24 2010 10:21:50|713902: IP = X.X.X.X, Removing peer from peer table failed, no match! 3|Mar 24 2010 10:21:50|713048: IP = X.X.X.X, Error processing payload: Payload ID: 1 4|Mar 24 2010 10:21:49|713903: IP = X.X.X.X, Information Exchange processing failed 5|Mar 24 2010 10:21:49|713904: IP = X.X.X.X, Received an un-encrypted NO_PROPOSAL_CHOSEN notify message, dropping
This message usually appears due to mismatched ISAKMP policies or a missing NAT 0 statement.
Regards
Karthik
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide