cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
7333
Views
15
Helpful
7
Replies

CSCue42170 - IKEv2 Support Multi Selector under the same child SA

prashanth272
Level 1
Level 1

HI,

 

We are seeing a similar issue with Strongswan and CISCO ASA 9.7(1)4. Can someone please confirm if this is bug effects 9.7(1)4?

 

Thanks

Prashanth

7 Replies 7

Mamba24
Level 1
Level 1

I'm having the same issue with getting a Fortinet to connect to ASA.

 

If I protect 1 network then the VPN connects, but if I have multiple, it fails

I got mine working, my issue ended up being a NAT configuration issue on the ASA side. Once I resolved the issue, the tunnel came up and stayed up

Many thanks for that hint. In any circumstance, my ASA was using the same NAT-IP for two hosts. Very strange behaviour.

I'm using object NAT. The (right!) NAT object was used at the NAT section of the host.

But in the object overview i saw, that it was the IP of another NAT object. Creepy! :-)

 

 

Make sure to create a NAT entry to NOT NAT any traffic from your "protected Network" to the remote Network. The order of the NAT entries is important also (that was my problem)

stephan.ochs
Level 1
Level 1

Having exactly the same issue with Barracuda NG and ASA 9.7(1)15.

Can't understand, that Severity of this bug is "Enhancement".

Michael Muenz
Level 5
Level 5

I have this problem also with Cisco IOS 15.4 on 800 series with strongswan as the remote end. 

Michael Please rate all helpful posts

serg.v.boyko
Level 1
Level 1
Same issue with version 9.4(4)18