Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN Phase 2 Failing

Hi

I am trying to set up a new VPN connection between Site A and Site B.

It passes phase one but throws up an error at phase two. I will attach the error message.

Site A's firewall currently has another VPN on it working away fine so I suspect the problem lies on Site B's config.

Thanks in advance

Everyone's tags (4)
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: VPN Phase 2 Failing

PFS is not matching.

Site A: you have "crypto map outside_map 2 set pfs group1"

Site B: you have "crypto map outside_map 4 set pfs" ---> which default to pfs group 2

Change either one to match each other.

Hope that resolves the issue.

2 REPLIES
Cisco Employee

Re: VPN Phase 2 Failing

PFS is not matching.

Site A: you have "crypto map outside_map 2 set pfs group1"

Site B: you have "crypto map outside_map 4 set pfs" ---> which default to pfs group 2

Change either one to match each other.

Hope that resolves the issue.

New Member

Re: VPN Phase 2 Failing

Ah was that all?? That got it working...thanks a mil!

4106
Views
0
Helpful
2
Replies
CreatePlease login to create content