getting the error message %ASA-vpn-4-713903: IP = x.x.x.x, Header invalid, missing SA payload! (next payload = 4)on a VPN tunnel initiation, this is the first time this tunnel has tried to connect and we are seeing this issue.Any Ideas. Thanks
Network Security
Engage with peers and experts on network security topics such as Secure Firewall Threat Defense, Adaptive Security Appliance, Secure Firewall Management Center, and Security Cloud Control.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- Technology and Support
- Security
- Network Security
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Labels
-
AAA
(8) -
Access Control Server (ACS)
(6) -
Access List
(4) -
ACI
(10) -
Advanced Threats
(1) -
AMP for Endpoints
(1) -
AnyConnect
(3) -
APIs
(1) -
Appliances
(18) -
ASA
(1) -
ASR 1000 Series
(1) -
Branch Router
(2) -
Buying Recommendation
(84) -
Catalyst 2000
(1) -
Catalyst 3000
(2) -
Catalyst 4000
(1) -
Catalyst 6000
(1) -
Catalyst 8000
(1) -
Catalyst 9000
(2) -
Catalyst Switch
(2) -
Catalyst Wireless Controllers
(1) -
Cisco
(1) -
Cisco Adaptive Security Appliance (ASA)
(9,510) -
Cisco Bugs
(31) -
Cisco Cafe
(25) -
Cisco CLI Analyzer
(1) -
Cisco Cloud Services Router
(1) -
Cisco Defense Orchestrator (CDO)
(139) -
Cisco Firepower Device Manager (FDM)
(812) -
Cisco Firepower Management Center (FMC)
(2,909) -
Cisco Firepower Threat Defense (FTD)
(3,164) -
Cisco Press Cafe
(1) -
Cisco Secure Firewall Management Center (FMC)
(3) -
Cisco Secure Firewall Threat Defense (FTD)
(2) -
Cisco Security Manager (CSM)
(3) -
Cisco Software
(17) -
CISCO START ANZ
(1) -
Cisco Threat Response
(1) -
Cisco Vulnerability Management
(42) -
Cloud
(1) -
Cloud Security
(3) -
Community Bug or Issue
(1) -
Community Feedback Forum
(31) -
Community Ideas
(18) -
Compliance and Posture
(1) -
Crypto
(1) -
CSC Content with No Valid Community to Post
(1) -
CUBE
(1) -
CUCM
(1) -
Data Center Networking
(1) -
Device Admin
(13) -
EEM Scripting
(1) -
Emergency Responder
(1) -
Endpoint Security
(6) -
Enterprise Agreement
(1) -
Event Analysis
(258) -
FirePOWER
(1) -
Firepower Chassis Manager (FCM)
(2) -
Firepower Device Manager (FDM)
(16) -
Firepower Management Center (FMC)
(408) -
Firepower Threat Defense (FTD)
(221) -
Firewall Migration Tool (FMT)
(25) -
Firewalls
(1,171) -
FMC
(1) -
General
(2) -
Guest
(1) -
Identity Services Engine (ISE)
(9) -
IE3300
(1) -
Integrated Security
(8) -
Integrated Security Architecture
(1) -
Integrations
(3) -
Investigation
(2) -
iOS
(1) -
IPS and IDS
(6,567) -
IPS and IDS1
(1) -
IPS-IDS
(1) -
IPSEC
(1) -
ISE
(1) -
LAN Switching
(7) -
License
(319) -
MPLS
(1) -
Multicloud Defense
(2) -
Network Management
(90) -
Network Security
(2) -
Networking
(1) -
NFVIS
(1) -
NGFW Firewalls
(37,553) -
NGIPS
(1,872) -
Online Tools and Resources
(1) -
Optical Networking
(3) -
Optics
(1) -
Other Collaboration Topics
(1) -
Other Community Feedback
(4) -
Other Firewalls
(1) -
Other NAC
(18) -
Other Network
(1) -
Other Network Security Topics
(10,769) -
Other Networking
(8) -
Other Routers
(9) -
Other Routing
(24) -
Other Routing and Switching topics
(2) -
Other Security
(1) -
Other Security Topics
(18) -
Other Switches
(11) -
Other Switching
(4) -
Other VPN Topics
(1) -
Passive Identity
(1) -
Physical Security
(20) -
Policy and Access
(2) -
Prioritization
(2) -
Remote Access
(2) -
Room Endpoints
(1) -
Routing Protocols
(7) -
SD-WAN Security
(1) -
Secure Network Analytics
(1) -
Security
(3) -
Security Management
(624) -
Segmentation
(3) -
Service Providers
(1) -
Small Business Routers
(4) -
Small Business Security
(2) -
Sourcefire
(2) -
Support
(2) -
Threat Containment
(6) -
Threat Defense
(1) -
Unified Computing System (UCS)
(1) -
Voice Gateways
(1) -
VPN
(24) -
VPN and AnyConnect
(1) -
Vulnerability Management
(41) -
WAN
(7) -
Web Security
(5) -
Webex Teams
(1) -
Wired
(3) -
Wireless Security
(1)
- « Previous
- Next »
Forum Posts
Hi Everyone,I'm working out a concept here and want to know if this can be done. On an ASA I would like to have 2 different interfaces connect to 2 different ISP's - one primary, one backup. As well I will be running VPN tunnels across the links. Wha...
Hi Guys!Can anyone help me in providing a link that describes the features of the below 2 images : 7.2.4 and 7.2(2-26) and the difference between them.Thanks.Jean
Hi to all,i have a simple question, is possible to configure an asa for a site to site vpn and to configure pat for internet connectivity at the same time?
Hey,I have 2 x pix515e's to setup. This is for a colo so there are no workstations/users on the lan/secured int. However i do have sql servers that i would like to keep out of the dmz from the web servers. should i setup the pix with 3 interfaces: 1 ...
Just a quick open question I hope.After recently reading about reflexive access-lists on Routers I was wondering if they are required on Cisco PIX or ASAs?Or is this kind of thing taken care of as default behavious on a security module such as this?T...
good morning guys! we recently procured an ASA-5510 app. went thru the ASDM Setup wizard with External and Internal config. public and private IP's already established. accdg to the ASA doc, internal clients should be immediately able to get outb...
Resolved! ASA - Translate Destination IP only?
Hello All,I have a public IP and port (1.1.1.1:80) that is translated to a private IP:static (inside,outside) 1.1.1.1 192.168.1.1 netmask 255.255.255.255The ACL applied inbound on the outside interface permits any hosts to 1.1.1.1:80.My question is c...
Hello,I've faced to an interesting thing at my GRE tunnels.sometime packets which I've defined a static route to tunnel as below don't route to GRE tunnel.ip route x.x.x.x 255.255.255.255 Tunnel0but when I remove it and add it after a short time it r...
Our setup is this. Call comes in via SIP Trunk, routes to CallManager through ASA and back out through to the remote site via VPN. Yeah, it's a complex setup I know. The problem is that when a caller calls and gets connected with a user, the calli...
While in ASDM via the management interface, I get ASA log entries every 30 seconds with 'deny TCP (no connection) from *** to ***/443 flags FIN ACK on interface management'. Operation of ASDM is not impacted, but I'd like to correct this if possible...
Dear All,I am thinking to configure a Policy Nat associated to a Static Identity Nat in order to exclude my internal networks from nat.access-list POI_NET1_POLICY_NAT extended permit tcp 192.168.0.0 255.255.252.0 object-group mail2 eq wwwstatic (insi...
Hi all,How can I see the current local host sessions through ASDM (grafically, like show local-host). Actually, I would like to know which local host is using how much bandwidth.Thanks,Norbert
Could someone explain the real differences between these two options on the ASA 8.2 release? I know a DMZ is assigned a different security level and the device has a real public IP assigned to it where the Public Server option is a server with a inte...
Hi,I have two FWSM in multiple contexts mode and working as active/standby. I configured DHCP relay on one context interface (DMZ), using the ASDM graphical interface. When applying the configuration, a failover occured, which led to loss of connecti...
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Unanswered Topics
| Subject | Author | Posted |
|---|---|---|
| 07-16-2025 04:21 AM | ||
| 07-06-2025 01:40 PM | ||
| 07-04-2025 01:59 AM | ||
| 06-19-2025 07:32 AM | ||
| 06-17-2025 01:07 PM |
New solutions
Top Solution Authors
| User | Count |
|---|---|
| 10 | |
| 5 | |
| 5 | |
| 2 | |
| 1 |
