- Cisco Community
- Technology and Support
- Online Tools and Resources
- Cisco Bug Discussions
- CSCsl95043 - PIX/ASA L2TP/IPsec needs both "ipsec" and "l2tp-ipsec" in group-policy
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
CSCsl95043 - PIX/ASA L2TP/IPsec needs both "ipsec" and "l2tp-ipsec" in group-policy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-24-2019 04:07 PM
Hi there,
I got an ASA running version 8.2(5) when I tried to connect through Cisco VPN Client it show me the following message:
Aug 24 16:54:16 [IKEv1]: Group = DefaultRAGroup, Username = xxxxx, IP = xxxxxxxxx, Tunnel Rejected: Conflicting protocols specified by tunnel-group and group-policy. My asa it's behind Router and do PAT for all ports for VPN
I found an article from Cisco that I have to enable both vpn-tunnel-protocol under group-policy, I already did that but any success. Ran debug crypto isakmp 127 and debug crypto ipsec 127, here is my debug output:
!
(config-group-policy)# Aug 24 16:54:13 [IKEv1]: IP = xxx.xx.xx.xxx, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + KE (4) + NONCE (10) + ID (5) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 838
Aug 24 16:54:13 [IKEv1]: IP = xxx.xx.xx.xxx, Responder: IPSec over TCP encapsulation is used local TCP port: 10000 peer TCP port: 64247
Aug 24 16:54:13 [IKEv1 DEBUG]: IP = xxx.xx.xx.xxx, processing SA payload
Aug 24 16:54:13 [IKEv1 DEBUG]: IP = xxx.xx.xx.xxx, processing ke payload
Aug 24 16:54:13 [IKEv1 DEBUG]: IP = xxx.xx.xx.xxx, processing ISA_KE payload
Aug 24 16:54:13 [IKEv1 DEBUG]: IP = xxx.xx.xx.xxx, processing nonce payload
Aug 24 16:54:13 [IKEv1 DEBUG]: IP = xxx.xx.xx.xxx, processing ID payload
Aug 24 16:54:13 [IKEv1 DEBUG]: IP = xxx.xx.xx.xxx, processing VID payload
Aug 24 16:54:13 [IKEv1 DEBUG]: IP = xxx.xx.xx.xxx, Received xauth V6 VID
Aug 24 16:54:13 [IKEv1 DEBUG]: IP = xxx.xx.xx.xxx, processing VID payload
Aug 24 16:54:13 [IKEv1 DEBUG]: IP = xxx.xx.xx.xxx, Received DPD VID
Aug 24 16:54:13 [IKEv1 DEBUG]: IP = xxx.xx.xx.xxx, processing VID payload
Aug 24 16:54:13 [IKEv1 DEBUG]: IP = xxx.xx.xx.xxx, Received Fragmentation VID
Aug 24 16:54:13 [IKEv1 DEBUG]: IP = xxx.xx.xx.xxx, IKE Peer included IKE fragmentation capability flags: Main Mode: True Aggressive Mode: False
Aug 24 16:54:13 [IKEv1 DEBUG]: IP = xxx.xx.xx.xxx, processing VID payload
Aug 24 16:54:13 [IKEv1 DEBUG]: IP = xxx.xx.xx.xxx, Received Cisco Unity client VID
Aug 24 16:54:13 [IKEv1]: IP = xxx.xx.xx.xxx, Connection landed on tunnel_group DefaultRAGroup
Aug 24 16:54:13 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = xxx.xx.xx.xxx, processing IKE SA payload
Aug 24 16:54:13 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = xxx.xx.xx.xxx, IKE SA Proposal # 1, Transform # 9 acceptable Matches global IKE entry # 1
Aug 24 16:54:13 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = xxx.xx.xx.xxx, constructing ISAKMP SA payload
Aug 24 16:54:13 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = xxx.xx.xx.xxx, constructing ke payload
Aug 24 16:54:13 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = xxx.xx.xx.xxx, constructing nonce payload
Aug 24 16:54:13 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = xxx.xx.xx.xxx, Generating keys for Responder...
Aug 24 16:54:13 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = xxx.xx.xx.xxx, constructing ID payload
Aug 24 16:54:13 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = xxx.xx.xx.xxx, constructing hash payload
Aug 24 16:54:13 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = xxx.xx.xx.xxx, Computing hash for ISAKMP
Aug 24 16:54:13 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = xxx.xx.xx.xxx, constructing Cisco Unity VID payload
Aug 24 16:54:13 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = xxx.xx.xx.xxx, constructing xauth V6 VID payload
Aug 24 16:54:13 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = xxx.xx.xx.xxx, constructing dpd vid payload
Aug 24 16:54:13 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = xxx.xx.xx.xxx, constructing Fragmentation VID + extended capabilities payload
Aug 24 16:54:13 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = xxx.xx.xx.xxx, constructing VID payload
Aug 24 16:54:13 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = xxx.xx.xx.xxx, Send Altiga/Cisco VPN3000/Cisco ASA GW VID
Aug 24 16:54:13 [IKEv1]: IP = xxx.xx.xx.xxx, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + KE (4) + NONCE (10) + ID (5) + HASH (8) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 372
Aug 24 16:54:13 [IKEv1]: IP = xxx.xx.xx.xxx, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + HASH (8) + NOTIFY (11) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 120
Aug 24 16:54:13 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = xxx.xx.xx.xxx, processing hash payload
Aug 24 16:54:13 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = xxx.xx.xx.xxx, Computing hash for ISAKMP
Aug 24 16:54:13 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = xxx.xx.xx.xxx, processing notify payload
Aug 24 16:54:13 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = xxx.xx.xx.xxx, processing VID payload
Aug 24 16:54:13 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = xxx.xx.xx.xxx, Processing IOS/PIX Vendor ID payload (version: 1.0.0, capabilities: 00000408)
Aug 24 16:54:13 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = xxx.xx.xx.xxx, processing VID payload
Aug 24 16:54:13 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = xxx.xx.xx.xxx, Received Cisco Unity client VID
Aug 24 16:54:13 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = xxx.xx.xx.xxx, constructing blank hash payload
Aug 24 16:54:13 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = xxx.xx.xx.xxx, constructing qm hash payload
Aug 24 16:54:13 [IKEv1]: IP = xxx.xx.xx.xxx, IKE_DECODE SENDING Message (msgid=78bcce34) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 72
Aug 24 16:54:16 [IKEv1]: IP = xxx.xx.xx.xxx, IKE_DECODE RECEIVED Message (msgid=78bcce34) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 86
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = xxx.xx.xx.xxx, process_attr(): Enter!
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = xxx.xx.xx.xxx, Processing MODE_CFG Reply attributes.
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, IKEGetUserAttributes: primary DNS = cleared
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, IKEGetUserAttributes: secondary DNS = cleared
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, IKEGetUserAttributes: primary WINS = cleared
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, IKEGetUserAttributes: secondary WINS = cleared
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, IKEGetUserAttributes: default domain = laoriental.com
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, IKEGetUserAttributes: IP Compression = disabled
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, IKEGetUserAttributes: Split Tunneling Policy = Disabled
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, IKEGetUserAttributes: Browser Proxy Setting = no-modify
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, IKEGetUserAttributes: Browser Proxy Bypass Local = disable
Aug 24 16:54:16 [IKEv1]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, User (xxxxxx) authenticated.
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, constructing blank hash payload
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, constructing qm hash payload
Aug 24 16:54:16 [IKEv1]: IP = xxx.xx.xx.xxx, IKE_DECODE SENDING Message (msgid=c339bdd8) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 64
Aug 24 16:54:16 [IKEv1]: IP = xxx.xx.xx.xxx, IKE_DECODE RECEIVED Message (msgid=c339bdd8) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 60
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, process_attr(): Enter!
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, Processing cfg ACK attributes
Aug 24 16:54:16 [IKEv1]: IP = xxx.xx.xx.xxx, IKE_DECODE RECEIVED Message (msgid=c1368840) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 183
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, process_attr(): Enter!
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, Processing cfg Request attributes
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, MODE_CFG: Received request for IPV4 address!
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, MODE_CFG: Received request for IPV4 net mask!
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, MODE_CFG: Received request for DNS server address!
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, MODE_CFG: Received request for WINS server address!
Aug 24 16:54:16 [IKEv1]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, Received unsupported transaction mode attribute: 5
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, MODE_CFG: Received request for Banner!
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, MODE_CFG: Received request for Save PW setting!
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, MODE_CFG: Received request for Default Domain Name!
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, MODE_CFG: Received request for Split Tunnel List!
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, MODE_CFG: Received request for Split DNS!
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, MODE_CFG: Received request for PFS setting!
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, MODE_CFG: Received request for Client Browser Proxy Setting!
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, MODE_CFG: Received request for backup ip-sec peer list!
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, MODE_CFG: Received request for Client Smartcard Removal Disconnect Setting!
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, MODE_CFG: Received request for Application Version!
Aug 24 16:54:16 [IKEv1]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, Client Type: WinNT Client Application Version: 5.0.07.0440
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, MODE_CFG: Received request for FWTYPE!
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, MODE_CFG: Received request for DHCP hostname for DDNS is: Arank-Desktop!
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, Obtained IP addr (192.168.95.20) prior to initiating Mode Cfg (XAuth enabled)
Aug 24 16:54:16 [IKEv1]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, Assigned private IP address 192.168.95.20 to remote user
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, constructing blank hash payload
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, construct_cfg_set: default domain = laoriental.com
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, Send Client Browser Proxy Attributes!
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, Browser Proxy set to No-Modify. Browser Proxy data will NOT be included in the mode-cfg reply
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, Send Cisco Smartcard Removal Disconnect enable!!
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, constructing qm hash payload
Aug 24 16:54:16 [IKEv1]: IP = xxx.xx.xx.xxx, IKE_DECODE SENDING Message (msgid=c1368840) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 184
Aug 24 16:54:16 [IKEv1 DECODE]: IP = xxx.xx.xx.xxx, IKE Responder starting QM: msg id = 93bc9523
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, Delay Quick Mode processing, Cert/Trans Exch/RM DSID in progress
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, Resume Quick Mode processing, Cert/Trans Exch/RM DSID completed
Aug 24 16:54:16 [IKEv1]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, PHASE 1 COMPLETED
Aug 24 16:54:16 [IKEv1]: IP = xxx.xx.xx.xxx, Keep-alive type for this connection: DPD
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, Starting P1 rekey timer: 82080 seconds.
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, sending notify message
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, constructing blank hash payload
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, constructing qm hash payload
Aug 24 16:54:16 [IKEv1]: IP = xxx.xx.xx.xxx, IKE_DECODE SENDING Message (msgid=54d2f5c2) with payloads : HDR + HASH (8) + NOTIFY (11) + NONE (0) total length : 92
Aug 24 16:54:16 [IKEv1]: IP = xxx.xx.xx.xxx, IKE_DECODE RECEIVED Message (msgid=93bc9523) with payloads : HDR + HASH (8) + SA (1) + NONCE (10) + ID (5) + ID (5) + NONE (0) total length : 1026
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, processing hash payload
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, processing SA payload
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, processing nonce payload
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, processing ID payload
Aug 24 16:54:16 [IKEv1 DECODE]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, ID_IPV4_ADDR ID received
192.168.95.20
Aug 24 16:54:16 [IKEv1]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, Received remote Proxy Host data in ID Payload: Address 192.168.95.20, Protocol 0, Port 0
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, processing ID payload
Aug 24 16:54:16 [IKEv1 DECODE]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, ID_IPV4_ADDR_SUBNET ID received--0.0.0.0--0.0.0.0
Aug 24 16:54:16 [IKEv1]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, Received local IP Proxy Subnet data in ID Payload: Address 0.0.0.0, Mask 0.0.0.0, Protocol 0, Port 0
Aug 24 16:54:16 [IKEv1]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, Tunnel Rejected: Conflicting protocols specified by tunnel-group and group-policy
Aug 24 16:54:16 [IKEv1]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, QM FSM error (P2 struct &0xcde9bcf8, mess id 0x93bc9523)!
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, IKE QM Responder FSM error history (struct &0xcde9bcf8) <state>, <event>: QM_DONE, EV_ERROR-->QM_BLD_MSG2, EV_PROC_MSG-->QM_BLD_MSG2, EV_HASH_OK-->QM_BLD_MSG2, NullEvent-->QM_BLD_MSG2, EV_COMP_HASH-->QM_BLD_MSG2, EV_VALIDATE_MSG-->QM_BLD_MSG2, EV_DECRYPT_OK-->QM_BLD_MSG2, NullEvent
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, sending delete/delete with reason message
Aug 24 16:54:16 [IKEv1]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, Removing peer from correlator table failed, no match!
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, IKE SA AM:1d618bef rcv'd Terminate: state AM_ACTIVE flags 0x2841c041, refcnt 1, tuncnt 0
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, IKE SA AM:1d618bef terminating: flags 0x2941c001, refcnt 0, tuncnt 0
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, sending delete/delete with reason message
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, constructing blank hash payload
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, constructing IKE delete payload
Aug 24 16:54:16 [IKEv1 DEBUG]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, constructing qm hash payload
Aug 24 16:54:16 [IKEv1]: IP = xxx.xx.xx.xxx, IKE_DECODE SENDING Message (msgid=3861d087) with payloads : HDR + HASH (8) + DELETE (12) + NONE (0) total length : 80
Aug 24 16:54:16 [IKEv1]: Group = DefaultRAGroup, Username = xxxxxx, IP = xxx.xx.xx.xxx, Session is being torn down. Reason: Unknown
Aug 24 16:54:16 [IKEv1]: Ignoring msg to mark SA with dsID 8192 dead because SA deleted
Any idea? I have so much time stuck on this.
- Labels:
-
Security
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide