cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3222
Views
0
Helpful
1
Replies

IPSEC VPN tunnel issue: Phase 2 negotiation failed due to time up

ben-bowman
Level 1
Level 1

In our India office we have a Cisco SA520 firewall (public IP 182.72.111.18)

In our California office we have an ASA 5520 firewall (public IP 66.185.167.66)

We have had an IPSEC tunnel up for years and occasionally the tunnel breaks.  Here is what I'm seeing on the SA520 log:

Fri Mar 07 20:47:37 2014 (GMT +0530): [Cisco] [IKE] INFO:  Initiating new phase 2 negotiation: 182.72.111.18[0]<=>66.185.167.66[0]

Fri Mar 07 20:47:37 2014 (GMT +0530): [Cisco] [IKE] INFO:  IPsec-SA expired: ESP/Tunnel 66.185.167.66->182.72.111.18 with spi=135271603(0x81014b3)

Fri Mar 07 20:47:38 2014 (GMT +0530): [Cisco] [IKE] INFO:  IPsec-SA established: ESP/Tunnel 66.185.167.66->182.72.111.18 with spi=77516397(0x49ece6d)

Fri Mar 07 20:47:38 2014 (GMT +0530): [Cisco] [IKE] INFO:  IPsec-SA established: ESP/Tunnel 182.72.111.18->66.185.167.66 with spi=163242077(0x9bae05d)

Fri Mar 07 20:48:08 2014 (GMT +0530): [Cisco] [IKE] INFO:  Purged IPsec-SA with proto_id=ESP and spi=3829319182(0xe43ec60e).

Fri Mar 07 20:48:46 2014 (GMT +0530): [Cisco] [IKE] ERROR:  Phase 2 negotiation failed due to time up. 0c936dfa799d6715:c1cf3817aa9302a5:c4ec6232

Fri Mar 07 20:48:46 2014 (GMT +0530): [Cisco] [IKE] INFO:  an undead schedule has been deleted: 'quick_i1prep'.

What could cause this to happen intermittenly?  I would think that a configuration mismatch would cause this to happen all the time.

thanks in advance

1 Reply 1

Mpolanco
Level 1
Level 1

Did you find the error or the solution?

I have a similar scenario and I would like to know about your case.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: