Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

IPSEC Tunnel randomly fails

Hi everyone,

I setup last week a VPN Tunnel beetween Cisco ASA 5585 cluster (Responder) and 4 Netasq U30 (Initiator). Users behind have to connect to a RDS server behind the Cisco Cluster.

Here's what I have in the monitor view, Cisco Side :

- IP = <Netasq_U30_IP>, Received encrypted Packet with no matching SA, Dropping

And here's what I have in the monitor view, Netasq Side :

- IPSEC phase 2 failed.

The only way I found to fix the problem is to generate trafic from the server (cisco side) to the clients (netasq side).

Then, I can see the Phase 1 and phase 2 process to initiate the new tunnel.

I checked the configuration, especially the phase 2, but everything seems to be strictly equal :

- Remote Networks

- Phase 2 lengt

- IPSEC proposal

- PFS DH Group

All the Netasq encounter the issue, randomly and not simultaneously.

I hope someone will have an advice for me

Thanks in advance.

644
Views
0
Helpful
0
Replies
CreatePlease login to create content