Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
358
Views
0
Helpful
1
Replies

VPN problem ( site to site VPn between Cisoc Vpn con.(3000) Vs ISA 2004

vtsriram1020
Level 1
Level 1

‎07-26-2007 06:30 AM - edited ‎03-03-2019 06:02 PM

Hi Folks,

I am on the process of putting site-to-site vpn between my office and my customer place. I am having ISA 2004 and in my customer place they are having Cisco 3000 Vpn concentrator We have congirued both side with 3DES and MD5 encryption.

but I am not able to ping their internal network. when i see their log(VPN concentrator) I am getting the Follwoing logs.

49438 07/26/2007 12:51:39.640 SEV=5 IKE/172 RPT=3957 213.249.140.189

Group [213.249.140.189]

Automatic NAT Detection Status:

Remote end is NOT behind a NAT device

This end is NOT behind a NAT device

49442 07/26/2007 12:51:39.740 SEV=4 IKE/119 RPT=3674 213.249.140.189

Group [213.249.140.189]

PHASE 1 COMPLETED

49443 07/26/2007 12:51:39.740 SEV=4 AUTH/22 RPT=3574 213.249.140.189

User [213.249.140.189] Group [213.249.140.189] connected, Session Type: IPSec/LA

N-to-LAN

49445 07/26/2007 12:51:39.740 SEV=4 AUTH/84 RPT=72

LAN-to-LAN tunnel to headend device 213.249.140.189 connected

49446 07/26/2007 12:51:39.800 SEV=5 IKE/35 RPT=46 213.249.140.189

Group [213.249.140.189]

Received remote IP Proxy Subnet data in ID Payload:

Address 10.50.0.0, Mask 255.255.0.0, Protocol 0, Port 0

49449 07/26/2007 12:51:39.800 SEV=5 IKE/34 RPT=4350 213.249.140.189

Group [213.249.140.189]

Received local IP Proxy Subnet data in ID Payload:

Address 150.4.0.0, Mask 255.255.0.0, Protocol 0, Port 0

49452 07/26/2007 12:51:39.800 SEV=5 IKE/66 RPT=4324 213.249.140.189

Group [213.249.140.189]

IKE Remote Peer configured for SA: L2L: Acuma Network

49453 07/26/2007 12:51:39.800 SEV=4 IKE/227 RPT=46 213.249.140.189

Group [213.249.140.189]

All IPSec SA proposals found unacceptable!

49454 07/26/2007 12:51:39.800 SEV=4 IKEDBG/97 RPT=76 213.249.140.189

Group [213.249.140.189]

QM FSM error (P2 struct &0x36eedbc, mess id 0x33ffb6e1)!

49455 07/26/2007 12:51:39.810 SEV=4 AUTH/23 RPT=75 213.249.140.189

User [213.249.140.189] Group [213.249.140.189] disconnected: duration: 0:00:00

49456 07/26/2007 12:51:39.810 SEV=4 AUTH/85 RPT=72

LAN-to-LAN tunnel to headend device 213.249.140.189 disconnected: duration: 0:00

:00

Any one can help me out what i am missing in configuration

Thanks

Sriram V

Labels:
0 Helpful
1 Reply 1

r-simpson
Level 3
Level 3

‎08-01-2007 10:12 AM

At this time I am trying to locate a url that explains how to configure the remote ISA server for the lan-to-lan. Underneath is the url that explains config on concentrator.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration_example09186a00800946a4.shtml

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card