Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN send errors

Hi all,

I have configured basic VPN with crypto map on physical interface. On the same interface also configured NAT (outside). With NAT-ACL local IPs NATed to physical interface public IP, then ACL for crypto map is used for encryption which matches interface publlic IP and destination public IP.

show ip nat translations shows that NAT is working.

show crypto isakmp sa  shows status ACTIVE.

But show crypto ipsec sa shows:

    #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0

    #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0

    #pkts compressed: 0, #pkts decompressed: 0

    #pkts not compressed: 0, #pkts compr. failed: 0

    #pkts not decompressed: 0, #pkts decompress failed: 0

    #send errors 3817, #recv errors 0

Packets encrypted and decrypted - 0 and send errors are increasing.

So what to do/check ?

Thanks


1 REPLY
New Member

VPN send errors

And debug shows:

#debug crypto isakmp error

Crypto ISAKMP Error debugging is on

*Jan 23 13:00:48.007: ISAKMP:(1035):deleting node -1526225909 error TRUE reason "Delete Larval"

*Jan 23 13:01:18.003: ISAKMP:(1035):deleting node 1292924678 error TRUE reason "Delete Larval"

*Jan 23 13:01:48.007: ISAKMP:(1035):deleting node -1122803491 error TRUE reason "Delete Larval"

*Jan 23 13:02:18.003: ISAKMP:(1035):deleting node 258380048 error TRUE reason "Delete Larval"

*Jan 23 13:02:48.007: ISAKMP:(1035):deleting node -439430047 error TRUE reason "Delete Larval"

281
Views
0
Helpful
1
Replies
CreatePlease login to create content