Hello,
First you can prove this by doing a packet tracer, and you will see several phases, you will need to see the phase "VPN" that could be drop the status.
When you see that is because the virtual packt is going across, so once you do that, you will need to run debugging:
debug crypto condition peer <>
debug crypto isakmp 250
debug crypto ipsec 250
Then run the packet tracer and you will see the debugging, if you see something like this:
IKEv1]: Group = x.x.x.x, IP = x.x.x.x, QM FSM error (P2 struct &0x49ba5a0, mess id 0xcd600011)!
[IKEv1]: Group = x.x.x.x, IP = x.x.x.x, Removing peer from correlator table failed, no match!
It points out to an issue with phase 2 <encryption domains>
Also make sure you have a NAT 0 statement.
If you still have issues, attach the packet tracer and the show tech and indicate which is the peer IP address, also the debugging.
Please don´t forget to rate
Best Regards,
David Castro,