Information Exchange processing failed (VPN Drops at 18h:00m:32s - Cisco ASA 5520)

adder.global · ‎06-06-2014

Hi!

I'm having issues with our VPN connections in our Cisco ASA 5520, the vpn with different routers are disconected at 18h:00m:32s, and the log in the ASA only register this info:

Group = x.x.x.x, Username = x.x.x.x, IP = x.x.x.x, Session disconnected. Session Type: IPsec, Duration: 18h:00m:32s, Bytes xmt: 144238907, Bytes rcv: 18611927, Reason: Lost Service
%ASA-4-713903: IP = x.x.x.x, Information Exchange processing failed

Other times, only register this info when there is a vpn down:

%ASA-4-713903: IP = x.x.x.x, Information Exchange processing failed

In the other side, (usually Cisco 800) with sh crypto session:

Session status: UP-NO-IKE

Any ideas?

adder.global · ‎06-13-2014

When this message appears in the syslog:

Jun 12 18:33:51 firewall_name %ASA-4-113019: Group = A.B.C.D, Username = A.B.C.D, IP = A.B.C.D, Session disconnected. Session Type: IPsec, Duration: 18h:00m:32s, Bytes xmt: 451302917, Bytes rcv: 2730619192, Reason: Lost Service

I see this log in the ASA debug:

Jun 12 18:33:51 [IKEv1 DEBUG]: IP = A.B.C.D, IKE MM Initiator FSM error history (struct &0x773817b8) <state>, <event>: MM_DONE, EV_ERROR-->MM_WAIT_MSG2, EV_RETRY-->MM_WAIT_MSG2, EV_TIMEOUT-->MM_WAIT_MSG2, NullEvent-->MM_SND_MSG1, EV_SND_MSG-->MM_SND_MSG1, EV_START_TMR-->MM_SND_MSG1, EV_RESEND_MSG-->MM_WAIT_MSG2, EV_RETRY

It's a Cisco ASA 5520 - Software Version 8.2(5)33