Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

what does it mean ( Role : responder and Role : initiator ) ?

Dear All,

I have some question about some error from ASA 5500?

some time i saw Role: Responder  and some time i saw Role: initiator

what does it mean ?

and what is the problem ?

HQ# sh crypto isakmp sa

   Active SA: 3
    Rekey SA: 0 (A tunnel will report 1 Active and 1 Rekey SA during rekey)
Total IKE SA: 3

1   IKE Peer: 10.189.137.8
    Type    : L2L             Role    : responder
    Rekey   : no              State   : MM_ACTIVE
2   IKE Peer: 10.189.137.10
    Type    : L2L             Role    : initiator
    Rekey   : no              State   : MM_ACTIVE
3   IKE Peer: 10.189.137.9
    Type    : L2L             Role    : initiator
    Rekey   : no              State   : MM_ACTIVE
HQ#

2 ACCEPTED SOLUTIONS

Accepted Solutions
Cisco Employee

Re: what does it mean ( Role : responder and Role :

Responder means that the peer initiated the VPN connection while Initiator means that the VPN tunnel is initiated from this end.

Hope that answers your question.

Cisco Employee

Re: what does it mean ( Role : responder and Role :

MM_Active means that phase 1 is coming up OK - it's working fine.

The role of responder or initiator just means which device initiates the VPN tunnel. Whether your ASA is the one who initiates the VPN tunnel, or the remote peer initiates the VPN tunnel.

To identify whether phase 1 is working fine or not is the State: MM_ACTIVE. If the state is others, for example: MM_WAIT_MSG2, that means VPN is not working as it is waiting for Message#2.

4 REPLIES
Cisco Employee

Re: what does it mean ( Role : responder and Role :

Responder means that the peer initiated the VPN connection while Initiator means that the VPN tunnel is initiated from this end.

Hope that answers your question.

New Member

Re: what does it mean ( Role : responder and Role :

Dear jennifer,

sorry i'm still not clear about this!!!

Role    : responder      it mean it working properly  right?

Role    : initiator          it mean it not workin properly right?

please help me more detail on this!!!!!

Thanks

Cisco Employee

Re: what does it mean ( Role : responder and Role :

MM_Active means that phase 1 is coming up OK - it's working fine.

The role of responder or initiator just means which device initiates the VPN tunnel. Whether your ASA is the one who initiates the VPN tunnel, or the remote peer initiates the VPN tunnel.

To identify whether phase 1 is working fine or not is the State: MM_ACTIVE. If the state is others, for example: MM_WAIT_MSG2, that means VPN is not working as it is waiting for Message#2.

New Member

Re: what does it mean ( Role : responder and Role :

Dear Jennifer,

Thanks for your help!!!

I will rate to you !!!

i close this question and i will create other question about VPN site to site ( HQ share internet to Branch)!!!

I Hope you can help me !!!

Bes Regards,

13345
Views
0
Helpful
4
Replies
CreatePlease to create content