Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

IPSEC VPN UP, No traffic flow

hello,

we have an ipsec vpn L2L between vpn 3000 and checkpoint. the status of the tunnel is up, but there was no traffic flow between the private networks. vpn concentrator logs show the following:

30337 09/05/2006 05:44:43.650 SEV=4 IKE/49 RPT=11656 12.163.148.14

Group [12.163.148.14]

Security negotiation complete for LAN-to-LAN Group (12.163.148.14)

Responder, Inbound SPI = 0x5ea40772, Outbound SPI = 0xa3319082

30340 09/05/2006 05:44:43.650 SEV=4 IKE/120 RPT=11462 12.163.148.14

Group [12.163.148.14]

PHASE 2 COMPLETED (msgid=d48cf8ab)

30343 09/05/2006 05:45:38.290 SEV=5 IKE/50 RPT=18496 12.163.148.14

Group [12.163.148.14]

Connection terminated for peer 12.163.148.14.

Reason: Peer Terminate

Remote Proxy 203.91.221.65, Local Proxy 151.108.225.0

anyone faced this issue before ?

Raj

2 REPLIES

Re: IPSEC VPN UP, No traffic flow

do the encryption domains match at each end? sounds like vpn policies are ok but vpn3000 receives packet for encryption domain it is not expecting.

New Member

Re: IPSEC VPN UP, No traffic flow

Make sure at both side intresting traffic is matching. It's look like the interesting traffic is not matching at both side. If problum presist, then plese enable the debug for log severity 13 for IKE,IKEDBG, IPSEC, IPSECDBG and upload log in post.

Thanks,

Mustafa

198
Views
0
Helpful
2
Replies