Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Draytek 2820 to ASA 5510 duplicate Phase1 packet detected

Hello,

I have a really strange situation. For one of our customers I had to configure a Draytek dsl router to connect to their ASA 5510 at HQ location.

When I configure this, the tunnel doesn't come up. It even doesn't pass Phase1 but gives 2 errors:

duplicate phase1 packet detected

p1 retransmit msg dispatched to MM FSM

Whatever I try, different settings of encryption, lifetimes, Nat-T settings, on both ends, it always ends up like this.

Note: This ASA has already 10 ipsec tunnels to similar Drayteks (the customer runs stores troughout the country, puts a Draytek in every store and asks me to configure the Cisco ASA side. No problem, until today, with the 11th Draytek.

Strange thing is, that when I setup a tunnel from the Draytek to our testlab ASA(5520) there is no problem and the tunnel comes up! Same settings, only this 5520 runs 8.2.2(17) software and the 5510 runs on 8.2.5

Anyone familar with this problem?

Hopefully someone has a clue.

With kind regards,

Ralph

Arnhem, Netherlands

Everyone's tags (3)
1 REPLY
Community Member

Draytek 2820 to ASA 5510 duplicate Phase1 packet detected

I did try with same software version as the ASA we own 8.2.2.(17), but that didn't solve it.

Also I purged all other tunnel configs and built the tunnel as single tunnel on the ASA -> no success.

WTF is happening

515
Views
0
Helpful
1
Replies
CreatePlease to create content