Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Trouble with Cisco AnyConnect ikev2 - Unknown Received a IKE_INIT_SA request

Hi Guys

I am trying to configure Cisco AnyConnect 3.1.04.074 on a Mac OS X 10.8.5 with a ASA 5525x running 9.1.3 to work by esatablishing a IPsec VPN tunnel over Cisco Anyconnect.

I have configured a local  PKI and installed the appropiate certificates on the client machine to ensure that all devices trust each other. The SSL based VPN is working fine however when I attempt the IPsec connection I see the following error in the asa logs.

I have followed the documentation located here,

https://supportforums.cisco.com/docs/DOC-18960

and here

http://www.cisco.com/en/US/products/ps10884/products_tech_note09186a0080bd8106.shtml

4|Nov 25 2013|15:25:13|750003|||||Local:x.x.x.x:4500 Remote:x.x.x.x59782 Username:Unknown Negotiation aborted due to ERROR: Auth exchange failed

3|Nov 25 2013|15:25:13|751011|||||Local:x.x.x.x:4500 Remote:x.x.x.x59782 Username:Unknown Failed user authentication. Error: General Failure

6|Nov 25 2013|15:25:11|302015|x.x.x.x59782|x.x.x.x|4500|Built inbound UDP connection 15618 for dmzData:x.x.x.x/59782 (x.x.x.x/59782) to identity:x.x.x.x/4500 (x.x.x.x/4500)

5|Nov 25 2013|15:25:11|750002|||||Local:x.x.x.x:500 Remote:x.x.x.x:49406 Username:Unknown Received a IKE_INIT_SA request

4|Nov 25 2013|15:25:11|750003|||||Local:x.x.x.x:500 Remote:x.x.x.x:49406 Username:Unknown Negotiation aborted due to ERROR: The peer's KE payload contained the wrong DH group

5|Nov 25 2013|15:25:11|750002|||||Local:x.x.x.x:500 Remote:x.x.x.x:49406 Username:Unknown Received a IKE_INIT_SA request

6|Nov 25 2013|15:25:11|302015|x.x.x.x|49406|x.x.x.x|500|Built inbound UDP connection 15617 for dmzData:x.x.x.x/49406 (x.x.x.x/49406) to identity:x.x.x.x/500 (x.x.x.x/500)

Any Help is much appreciated.

2264
Views
0
Helpful
0
Replies
CreatePlease to create content