Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
804
Views
0
Helpful
2
Replies

Site to site Ipsec not working at all

Eduardo Marin
Level 1
Level 1

‎12-28-2011 04:50 PM - edited ‎02-21-2020 05:47 PM

Hi,

I have this situation:

I configure a basic Site to Site IPsec VPN in my lab (it worked), and after that I moved one of the ASAs to a remote end. Now the two ASAs are communicating trough a Layer 3 MPLS link (not important, I think), but I can´t do the tunnel works.

I have connectivity between the firewalls, even between pcs connected to the Firewalls with static NAT.

No isakmp associations, or ipsec as.

The only message I have from the remote ASA  is this:

Ignoring msg to mark SA with specified coordinates < DRVPN, 10> dead

Any help will be appreciated.

Regards

.

Labels:
0 Helpful
2 Replies 2

andrew.prince
Level 10
Level 10

‎12-29-2011 08:16 AM

Post your config for review.

0 Helpful

Eduardo Marin
Level 1
Level 1
In response to andrew.prince

‎12-29-2011 11:23 AM

Thanks Andrew, but I figured it out what was happening: I configured a dynamic NAT in the remote end before the MPLS connection were ready. Without that, all is working. Now, I´m only need and access list in order to separate the traffics.

Regards, and thanks again

0 Helpful
Customers Also Viewed These Support Documents