FMC/FDT site to site VPN

edp-adm
Level 1

Hello

I have a Firepower 1120 and have configured a S2S VPN to a 3rd party using the parameters below:

IKEv1: Encryption AES-256, Hash SHA, Lifetime: 21600

IPsec: Encryption AES-256, Hash SHA, Lifetime: 3600

DH14

With NAT:

nat (local_ip_pool,outsite_interface) source static local_ip_pool local_ip_pool destination static external_ip_pool external_ip_pool no-proxy-arp

The tunnel is in "Unknown" status.

Is there any way to debug this via FMC/FTD? I tried to set up logging at FMC Devices -> Platform Settings -> Syslog, but there is nothing helpful there for debugging S2S.

5 Replies

Herald Sison
Level 3

Have you tried debugging using the FTD CLI?

Yes, there were no logs about the tunnel itself, because my FTD works as the server and was waiting for a connection. Setting the connection type on my side to "Originate Only" started the connection attempt, and finally logs appeared.

edp-adm
Level 1

OK, I'm able to get logs, but the tunnel still fails. Log from the device: pastebin - logs

Cannot open link

<165>:2023-03-22T15:10:19Z: %FTD-vpn-5-752004: Tunnel Manager dispatching a KEY_ACQUIRE message to IKEv1. Map Tag = CSM_outsite_map. Map Sequence Number = 2.
<164>:2023-03-22T15:10:19Z: %FTD-vpn-4-752010: IKEv2 Doesn't have a proposal specified
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715077: Pitcher: received a key acquire message, spi 0x0
<165>:2023-03-22T15:10:19Z: %FTD-vpn-5-713041: IP = X.X.X.X, IKE Initiator: New Phase 1, Intf outsite, IKE Peer X.X.X.X local Proxy Address Y.Y.Y.Y, remote Proxy Address X.X.X.X, Crypto map (CSM_outsite_map)
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715046: IP = X.X.X.X, constructing ISAKMP SA payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715046: IP = X.X.X.X, constructing NAT-Traversal VID ver 02 payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715046: IP = X.X.X.X, constructing NAT-Traversal VID ver 03 payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715046: IP = X.X.X.X, constructing NAT-Traversal VID ver RFC payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715046: IP = X.X.X.X, constructing Fragmentation VID + extended capabilities payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-713236: IP = X.X.X.X, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 172
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-713906: IKE Receiver: Packet received on Y.Y.Y.Y:500 from X.X.X.X:500
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-713236: IP = X.X.X.X, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 152
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715047: IP = X.X.X.X, processing SA payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-713906: IP = X.X.X.X, Oakley proposal is acceptable
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715047: IP = X.X.X.X, processing VID payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715047: IP = X.X.X.X, processing VID payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715049: IP = X.X.X.X, Received NAT-Traversal RFC VID
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715047: IP = X.X.X.X, processing VID payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715049: IP = X.X.X.X, Received Fragmentation VID
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715064: IP = X.X.X.X, IKE Peer included IKE fragmentation capability flags: Main Mode: True Aggressive Mode: False
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715046: IP = X.X.X.X, constructing ke payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715046: IP = X.X.X.X, constructing nonce payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715046: IP = X.X.X.X, constructing Cisco Unity VID payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715046: IP = X.X.X.X, constructing xauth V6 VID payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715048: IP = X.X.X.X, Send IOS VID
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715038: IP = X.X.X.X, Constructing ASA spoofing IOS Vendor ID payload (version: 1.0.0, capabilities: 20000001)
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715046: IP = X.X.X.X, constructing VID payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715048: IP = X.X.X.X, Send Altiga/Cisco VPN3000/Cisco ASA GW VID
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715046: IP = X.X.X.X, constructing NAT-Discovery payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-713906: IP = X.X.X.X, computing NAT Discovery hash
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715046: IP = X.X.X.X, constructing NAT-Discovery payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-713906: IP = X.X.X.X, computing NAT Discovery hash
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-713236: IP = X.X.X.X, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + KE (4) + NONCE (10) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NAT-D (20) + NAT-D (20) + NONE (0) total length : 432
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-713906: IKE Receiver: Packet received on Y.Y.Y.Y:500 from X.X.X.X:500
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-713236: IP = X.X.X.X, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + KE (4) + NONCE (10) + NAT-D (20) + NAT-D (20) + NONE (0) total length : 356
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715047: IP = X.X.X.X, processing ke payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715047: IP = X.X.X.X, processing ISA_KE payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715047: IP = X.X.X.X, processing nonce payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715047: IP = X.X.X.X, processing NAT-Discovery payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-713906: IP = X.X.X.X, computing NAT Discovery hash
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715047: IP = X.X.X.X, processing NAT-Discovery payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-713906: IP = X.X.X.X, computing NAT Discovery hash
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-713906: IP = X.X.X.X, Connection landed on tunnel_group X.X.X.X
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-713906: Group = X.X.X.X, IP = X.X.X.X, Generating keys for Initiator...
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715046: Group = X.X.X.X, IP = X.X.X.X, constructing ID payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715046: Group = X.X.X.X, IP = X.X.X.X, constructing hash payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715076: Group = X.X.X.X, IP = X.X.X.X, Computing hash for ISAKMP
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715046: Group = X.X.X.X, IP = X.X.X.X, constructing dpd vid payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-713236: IP = X.X.X.X, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + ID (5) + HASH (8) + VENDOR (13) + NONE (0) total length : 84
<166>:2023-03-22T15:10:19Z: %FTD-vpn-6-713172: Group = X.X.X.X, IP = X.X.X.X, Automatic NAT Detection Status: Remote end is NOT behind a NAT device This end is NOT behind a NAT device
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-713906: IKE Receiver: Packet received on Y.Y.Y.Y:500 from X.X.X.X:500
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-713236: IP = X.X.X.X, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + ID (5) + HASH (8) + NONE (0) total length : 64
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715047: Group = X.X.X.X, IP = X.X.X.X, processing ID payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-714011: Group = X.X.X.X, IP = X.X.X.X, ID_IPV4_ADDR ID received
X.X.X.X
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715047: Group = X.X.X.X, IP = X.X.X.X, processing hash payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715076: Group = X.X.X.X, IP = X.X.X.X, Computing hash for ISAKMP
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-713906: IP = X.X.X.X, Connection landed on tunnel_group X.X.X.X
<166>:2023-03-22T15:10:19Z: %FTD-auth-6-113009: AAA retrieved default group policy (.DefaultS2SGroupPolicy) for user = X.X.X.X
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-713906: Group = X.X.X.X, IP = X.X.X.X, Oakley begin quick mode
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-714002: Group = X.X.X.X, IP = X.X.X.X, IKE Initiator starting QM: msg id = 4bd7018f
<165>:2023-03-22T15:10:19Z: %FTD-vpn-5-713119: Group = X.X.X.X, IP = X.X.X.X, PHASE 1 COMPLETED
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-713121: IP = X.X.X.X, Keep-alive type for this connection: None
<163>:2023-03-22T15:10:19Z: %FTD-vpn-3-713122: IP = X.X.X.X, Keep-alives configured on but peer does not support keep-alives (type = None)
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715080: Group = X.X.X.X, IP = X.X.X.X, Starting P1 rekey timer: 16200 seconds.
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-713906: Group = X.X.X.X, IP = X.X.X.X, Add to IKEv1 Tunnel Table succeeded for SA with logical ID 5033984
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-713906: Group = X.X.X.X, IP = X.X.X.X, Add to IKEv1 MIB Table succeeded for SA with logical ID 5033984
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715006: Group = X.X.X.X, IP = X.X.X.X, IKE got SPI from key engine: SPI = 0x3693a6b9
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-713906: Group = X.X.X.X, IP = X.X.X.X, oakley constructing quick mode
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715046: Group = X.X.X.X, IP = X.X.X.X, constructing blank hash payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715046: Group = X.X.X.X, IP = X.X.X.X, constructing IPSec SA payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715046: Group = X.X.X.X, IP = X.X.X.X, constructing IPSec nonce payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715046: Group = X.X.X.X, IP = X.X.X.X, constructing pfs ke payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715001: Group = X.X.X.X, IP = X.X.X.X, constructing proxy ID
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-713906: Group = X.X.X.X, IP = X.X.X.X, Transmitting Proxy Id:
Local host: Y.Y.Y.Y Protocol 0 Port 0
Remote host: X.X.X.X Protocol 0 Port 0
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-714007: Group = X.X.X.X, IP = X.X.X.X, IKE Initiator sending Initial Contact
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715046: Group = X.X.X.X, IP = X.X.X.X, constructing qm hash payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-714004: Group = X.X.X.X, IP = X.X.X.X, IKE Initiator sending 1st QM pkt: msg id = 4bd7018f
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-713236: IP = X.X.X.X, IKE_DECODE SENDING Message (msgid=4bd7018f) with payloads : HDR + HASH (8) + SA (1) + NONCE (10) + KE (4) + ID (5) + ID (5) + NOTIFY (11) + NONE (0) total length : 456
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-713906: IKE Receiver: Packet received on Y.Y.Y.Y:500 from X.X.X.X:500
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-713236: IP = X.X.X.X, IKE_DECODE RECEIVED Message (msgid=d4894207) with payloads : HDR + HASH (8) + NOTIFY (11) + NONE (0) total length : 64
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715047: Group = X.X.X.X, IP = X.X.X.X, processing hash payload
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-715047: Group = X.X.X.X, IP = X.X.X.X, processing notify payload
<165>:2023-03-22T15:10:19Z: %FTD-vpn-5-713068: Group = X.X.X.X, IP = X.X.X.X, Received non-routine Notify message: Invalid ID info (18)
<167>:2023-03-22T15:10:27Z: %FTD-vpn-7-713906: IKE Receiver: Packet received on Y.Y.Y.Y:500 from X.X.X.X:500
<167>:2023-03-22T15:10:27Z: %FTD-vpn-7-713236: IP = X.X.X.X, IKE_DECODE RECEIVED Message (msgid=d2fb004b) with payloads : HDR + HASH (8) + NOTIFY (11) + NONE (0) total length : 64
<167>:2023-03-22T15:10:27Z: %FTD-vpn-7-715047: Group = X.X.X.X, IP = X.X.X.X, processing hash payload
<167>:2023-03-22T15:10:27Z: %FTD-vpn-7-715047: Group = X.X.X.X, IP = X.X.X.X, processing notify payload
<165>:2023-03-22T15:10:27Z: %FTD-vpn-5-713068: Group = X.X.X.X, IP = X.X.X.X, Received non-routine Notify message: Invalid ID info (18)
<166>:2023-03-22T15:10:30Z: %FTD-session-6-305011: Built dynamic UDP translation from any:10.215.4.2/123 to outsite:Y.Y.Y.Y/62336
<167>:2023-03-22T15:10:35Z: %FTD-vpn-7-713906: IKE Receiver: Packet received on Y.Y.Y.Y:500 from X.X.X.X:500
<167>:2023-03-22T15:10:35Z: %FTD-vpn-7-713236: IP = X.X.X.X, IKE_DECODE RECEIVED Message (msgid=a88e44ff) with payloads : HDR + HASH (8) + NOTIFY (11) + NONE (0) total length : 64
<167>:2023-03-22T15:10:35Z: %FTD-vpn-7-715047: Group = X.X.X.X, IP = X.X.X.X, processing hash payload
<167>:2023-03-22T15:10:35Z: %FTD-vpn-7-715047: Group = X.X.X.X, IP = X.X.X.X, processing notify payload
<165>:2023-03-22T15:10:35Z: %FTD-vpn-5-713068: Group = X.X.X.X, IP = X.X.X.X, Received non-routine Notify message: Invalid ID info (18)
<167>:2023-03-22T15:10:43Z: %FTD-vpn-7-713906: IKE Receiver: Packet received on Y.Y.Y.Y:500 from X.X.X.X:500
<167>:2023-03-22T15:10:43Z: %FTD-vpn-7-713236: IP = X.X.X.X, IKE_DECODE RECEIVED Message (msgid=8eb4f4b9) with payloads : HDR + HASH (8) + NOTIFY (11) + NONE (0) total length : 64
<167>:2023-03-22T15:10:43Z: %FTD-vpn-7-715047: Group = X.X.X.X, IP = X.X.X.X, processing hash payload
<167>:2023-03-22T15:10:43Z: %FTD-vpn-7-715047: Group = X.X.X.X, IP = X.X.X.X, processing notify payload
<165>:2023-03-22T15:10:43Z: %FTD-vpn-5-713068: Group = X.X.X.X, IP = X.X.X.X, Received non-routine Notify message: Invalid ID info (18)
<167>:2023-03-22T15:10:49Z: %FTD-vpn-7-715077: Group = X.X.X.X, IP = X.X.X.X, Pitcher: received key delete msg, spi 0x3693a6b9
<165>:2023-03-22T15:10:49Z: %FTD-vpn-5-713050: Group = X.X.X.X, IP = X.X.X.X, Connection terminated for peer X.X.X.X. Reason: Session Error Terminated Remote Proxy X.X.X.X, Local Proxy Y.Y.Y.Y
<167>:2023-03-22T15:10:49Z: %FTD-vpn-7-713906: Group = X.X.X.X, IP = X.X.X.X, sending delete/delete with reason message
<167>:2023-03-22T15:10:49Z: %FTD-vpn-7-715046: Group = X.X.X.X, IP = X.X.X.X, constructing blank hash payload
<167>:2023-03-22T15:10:49Z: %FTD-vpn-7-715046: Group = X.X.X.X, IP = X.X.X.X, constructing IPSec delete payload
<167>:2023-03-22T15:10:49Z: %FTD-vpn-7-715046: Group = X.X.X.X, IP = X.X.X.X, constructing qm hash payload
<167>:2023-03-22T15:10:49Z: %FTD-vpn-7-713236: IP = X.X.X.X, IKE_DECODE SENDING Message (msgid=25456395) with payloads : HDR + HASH (8) + DELETE (12) + NONE (0) total length : 68
<167>:2023-03-22T15:10:49Z: %FTD-vpn-7-715009: Group = X.X.X.X, IP = X.X.X.X, IKE Deleting SA: Remote Proxy X.X.X.X, Local Proxy Y.Y.Y.Y
<163>:2023-03-22T15:10:49Z: %FTD-vpn-3-713902: Group = X.X.X.X, IP = X.X.X.X, Removing peer from correlator table failed, no match!
<167>:2023-03-22T15:10:49Z: %FTD-vpn-7-713906: Group = X.X.X.X, IP = X.X.X.X, IKE SA MM:4aca0c69 rcv'd Terminate: state MM_ACTIVE flags 0x00000062, refcnt 1, tuncnt 0
<167>:2023-03-22T15:10:49Z: %FTD-vpn-7-713906: Group = X.X.X.X, IP = X.X.X.X, Remove from IKEv1 Tunnel Table succeeded for SA with logicalId 5033984
<167>:2023-03-22T15:10:49Z: %FTD-vpn-7-713906: Group = X.X.X.X, IP = X.X.X.X, Remove from IKEv1 MIB Table succeeded for SA with logical ID 5033984
<167>:2023-03-22T15:10:49Z: %FTD-vpn-7-713906: Group = X.X.X.X, IP = X.X.X.X, IKE SA MM:4aca0c69 terminating: flags 0x01000022, refcnt 0, tuncnt 0
<167>:2023-03-22T15:10:49Z: %FTD-vpn-7-713906: Group = X.X.X.X, IP = X.X.X.X, sending delete/delete with reason message
<164>:2023-03-22T15:10:49Z: %FTD-vpn-4-752012: IKEv1 was unsuccessful at setting up a tunnel. Map Tag = CSM_outsite_map. Map Sequence Number = 2.
<163>:2023-03-22T15:10:49Z: %FTD-vpn-3-752015: Tunnel Manager has failed to establish an L2L SA. All configured IKE versions failed to establish the tunnel. Map Tag= CSM_outsite_map. Map Sequence Number = 2.
<167>:2023-03-22T15:10:49Z: %FTD-vpn-7-752002: Tunnel Manager Removed entry. Map Tag = CSM_outsite_map. Map Sequence Number = 2.
<167>:2023-03-22T15:10:49Z: %FTD-vpn-7-715046: Group = X.X.X.X, IP = X.X.X.X, constructing blank hash payload
<167>:2023-03-22T15:10:49Z: %FTD-vpn-7-715046: Group = X.X.X.X, IP = X.X.X.X, constructing IKE delete payload
<167>:2023-03-22T15:10:49Z: %FTD-vpn-7-715046: Group = X.X.X.X, IP = X.X.X.X, constructing qm hash payload
<167>:2023-03-22T15:10:49Z: %FTD-vpn-7-713236: IP = X.X.X.X, IKE_DECODE SENDING Message (msgid=f27b7ff1) with payloads : HDR + HASH (8) + DELETE (12) + NONE (0) total length : 80
<167>:2023-03-22T15:10:49Z: %FTD-vpn-7-715077: Pitcher: received key delete msg, spi 0x3693a6b9
<165>:2023-03-22T15:10:49Z: %FTD-vpn-5-713259: Group = X.X.X.X, IP = X.X.X.X, Session is being torn down. Reason: Unknown
<164>:2023-03-22T15:10:49Z: %FTD-auth-4-113019: Group = X.X.X.X, Username = X.X.X.X, IP = X.X.X.X, Session disconnected. Session Type: LAN-to-LAN, Duration: 0h:00m:30s, Bytes xmt: 0, Bytes rcv: 0, Reason: Unknown
<167>:2023-03-22T15:10:49Z: %FTD-vpn-7-713906: Ignoring msg to mark SA with dsID 5033984 dead because SA deleted
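Added example, not from the original post and not Cisco's tooling: a small Python parser for FTD VPN syslog lines in the format pasted above. It groups header-less continuation lines (such as the "Local host:" / "Remote host:" lines after "Transmitting Proxy Id:") with the message they belong to, checks that the syslog PRI agrees with the %FTD- severity digit, and then reduces the whole attempt to the milestone it reached: Phase 1 completed, first quick-mode packet sent, peer answered with a NOTIFY, Tunnel Manager gave up. The embedded sample log is constructed to mirror the sequence above with RFC 5737 placeholder addresses in place of X.X.X.X / Y.Y.Y.Y; the message IDs are the ones that appear in the post. Reading "Invalid ID info (18)" as the peer rejecting the phase-2 identities (a proxy ID / crypto ACL mismatch) is the usual interpretation of that ISAKMP notify type and is an assumption here, not something the thread confirms; the "subnet" form of the proxy ID line is also an assumption, since the post only shows the "host" form.

```python
import re
from dataclasses import dataclass, field

# Header of one FTD/ASA syslog line as it appears in the post:
#   <PRI>:TIMESTAMP: %FTD-FACILITY-SEVERITY-MSGID: text
HEADER = re.compile(
    r'^<(?P<pri>\d+)>:(?P<ts>\S+?): %FTD-(?P<facility>[a-z]+)-(?P<sev>\d)-(?P<msgid>\d+): (?P<text>.*)$'
)
# Continuation lines after "Transmitting Proxy Id:". The post shows the "host" form;
# "subnet" is an assumption for network proxy IDs.
PROXY_ID = re.compile(r'^(?P<side>Local|Remote) (?:host|subnet): (?P<addr>.+?) Protocol ')

# Constructed sample log: same message sequence as the post, placeholder addresses.
SAMPLE_LOG = """\
<165>:2023-03-22T15:10:19Z: %FTD-vpn-5-752004: Tunnel Manager dispatching a KEY_ACQUIRE message to IKEv1. Map Tag = CSM_outsite_map. Map Sequence Number = 2.
<164>:2023-03-22T15:10:19Z: %FTD-vpn-4-752010: IKEv2 Doesn't have a proposal specified
<165>:2023-03-22T15:10:19Z: %FTD-vpn-5-713041: IP = 203.0.113.10, IKE Initiator: New Phase 1, Intf outsite, IKE Peer 203.0.113.10 local Proxy Address 198.51.100.5, remote Proxy Address 203.0.113.10, Crypto map (CSM_outsite_map)
<165>:2023-03-22T15:10:19Z: %FTD-vpn-5-713119: Group = 203.0.113.10, IP = 203.0.113.10, PHASE 1 COMPLETED
<163>:2023-03-22T15:10:19Z: %FTD-vpn-3-713122: IP = 203.0.113.10, Keep-alives configured on but peer does not support keep-alives (type = None)
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-713906: Group = 203.0.113.10, IP = 203.0.113.10, Transmitting Proxy Id:
Local host: 198.51.100.5 Protocol 0 Port 0
Remote host: 203.0.113.10 Protocol 0 Port 0
<167>:2023-03-22T15:10:19Z: %FTD-vpn-7-714004: Group = 203.0.113.10, IP = 203.0.113.10, IKE Initiator sending 1st QM pkt: msg id = 4bd7018f
<165>:2023-03-22T15:10:19Z: %FTD-vpn-5-713068: Group = 203.0.113.10, IP = 203.0.113.10, Received non-routine Notify message: Invalid ID info (18)
<165>:2023-03-22T15:10:27Z: %FTD-vpn-5-713068: Group = 203.0.113.10, IP = 203.0.113.10, Received non-routine Notify message: Invalid ID info (18)
<165>:2023-03-22T15:10:49Z: %FTD-vpn-5-713050: Group = 203.0.113.10, IP = 203.0.113.10, Connection terminated for peer 203.0.113.10. Reason: Session Error Terminated Remote Proxy 203.0.113.10, Local Proxy 198.51.100.5
<163>:2023-03-22T15:10:49Z: %FTD-vpn-3-752015: Tunnel Manager has failed to establish an L2L SA. All configured IKE versions failed to establish the tunnel. Map Tag= CSM_outsite_map. Map Sequence Number = 2.
"""


@dataclass
class Event:
    pri: int
    ts: str
    facility: str
    severity: int
    msgid: str
    text: str
    extra: list = field(default_factory=list)  # continuation lines without a header

    @property
    def pri_consistent(self) -> bool:
        # Syslog PRI = facility*8 + severity, so its low 3 bits must equal the %FTD- severity digit.
        return (self.pri & 7) == self.severity


def parse(lines):
    """Group raw syslog lines into Events; header-less lines attach to the previous event."""
    events = []
    for raw in lines:
        line = raw.strip()
        if not line:
            continue
        m = HEADER.match(line)
        if m:
            events.append(Event(int(m['pri']), m['ts'], m['facility'], int(m['sev']),
                                m['msgid'], m['text']))
        elif events:
            events[-1].extra.append(line)
    return events


def diagnose(events):
    """Reduce one IKEv1 L2L attempt to the milestone it reached and the reason it stopped."""
    seen = {e.msgid for e in events}
    notifies = [e for e in events if e.msgid == '713068']  # non-routine NOTIFY from the peer
    result = {
        'phase1': 'completed' if '713119' in seen else ('attempted' if '713041' in seen else 'not started'),
        'phase2': 'initiated' if '714004' in seen else 'not started',
        'reason': None,
        'notify_count': len(notifies),
        'proxy_ids': {},
        'tunnel': 'failed' if '752015' in seen else 'not reported',
        'hints': [],
    }
    if notifies:
        result['phase2'] = 'rejected by peer'
        result['reason'] = notifies[0].text.split('Notify message: ', 1)[1]
    # The identities the FTD offered in quick mode live in the continuation lines.
    for e in events:
        if 'Transmitting Proxy Id' in e.text:
            for cont in e.extra:
                m = PROXY_ID.match(cont)
                if m:
                    result['proxy_ids'][m['side'].lower()] = m['addr']
    if result['reason'] and 'Invalid ID info' in result['reason']:
        result['hints'].append('Peer rejected the phase-2 identities (ISAKMP notify 18): the local/remote '
                               'proxy IDs transmitted must be the mirror image of the peer\'s crypto ACL.')
    if '752010' in seen:
        result['hints'].append('No IKEv2 proposal on this crypto map, so only IKEv1 was attempted.')
    if '713122' in seen:
        result['hints'].append('Peer does not support DPD keep-alives; not fatal, but dead-peer detection will not work.')
    return result


if __name__ == '__main__':
    for key, value in diagnose(parse(SAMPLE_LOG.splitlines())).items():
        print(f'{key}: {value}')
```

Run it as-is against the constructed sample, or pipe a real capture in (for example `parse(open('ftd.log').read().splitlines())`); the point is that the proxy IDs the FTD actually sent are printed next to the peer's rejection, which is what has to be compared against the other side's crypto ACL.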