06-05-2010 02:34 AM
Hi Everyone,
I try to configure Site-to-Site VPN between Linksys AG241 and Cisco ASA5520 but I still cannot bring it up for many weeks. Topology as below
Cisco ASA5520 (Fix IP) ----- ADSL Network ----- Linksys AG241 (Dynamic IP)
Attached files is configuration on both ASA and Linksys. Please help suggest me for the solution.
Cheer,
Chim
06-05-2010 02:48 AM
Chim,
Can you do deb cry isa 100 and deb cry ipsec 100 on the ASA and initate a connection?
If concerned about too much debugs - "debug crypto condition peer ...."
I'm interested to see where negotiation is failing - granted I have not taken a look at the linksys device.
Marcin
06-05-2010 03:02 AM
Marcin,
Unfortunately that I forget to capture debug log from ASA. I've only old version of debug log (as attached file) when I first setting up but it different with existing configuration on both ASA and Linksys.
I will continue setup it on 7 June then I will capture debug information as you mention.
Chim
06-06-2010 12:25 AM
Chim,
Indeed messages are not too informative but they indicate a problem wit decoding quick mode messages or similar.
Fresh debugs would be appreciated
Marcin
06-13-2010 07:19 AM
Marcin,
I already solve the problem. The problem is I configure preshared-key on wrong tunnel-group. I configured on DefaultRAGroup but the correct one should be on DefaultL2LGroup.
Chim
06-13-2010 07:23 AM
Chim, good to know!
All the best.
Marcin
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: