cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

7559
Views
15
Helpful
3
Replies
mitang.prajapati
Beginner

remote VPN authentication fail

hello support,

Please find below logs and let me know wht would be change on configuration of remote access VPN on asa 5540.

4|Mar 16 2011|15:26:01|713903|||Group = tesTGroup, Username = GSDc2gsIdc, IP = 5.1.9.9, Error: Unable to remove PeerTblEntry
3|Mar 16 2011|15:26:01|713902|||Group = tesTGroup, Username = GSDc2gsIdc, IP = 5.1.9.9, Removing peer from peer table failed, no match!
5|Mar 16 2011|15:26:01|713050|||Group = tesTGroup, Username = GSDc2gsIdc, IP = 5.1.9.9, Connection terminated for peer GSDc2gsIdc.  Reason: Peer Terminate  Remote Proxy N/A, Local Proxy N/A
3|Mar 16 2011|15:26:01|713902|||Group = tesTGroup, Username = GSDc2gsIdc, IP = 5.1.9.9, IKE: Dynamic Access Policy failure, aborting connection
3|Mar 16 2011|15:26:01|713902|||Group = tesTGroup, Username = GSDc2gsIdc, IP = 5.1.9.9, IKE: Dynamic-Access-Policy action is not continue, abort connection
5|Mar 16 2011|15:26:01|734002|||DAP: User GSDc2gsIdc, Addr 5.1.9.4: Connection terminated by the following DAP records: DfltAccessPolicy
6|Mar 16 2011|15:26:01|734001|||DAP: User GSDc2gsIdc, Addr 5.1.9.4, Connection IPSec: The following DAP records were selected for this connection: DfltAccessPolicy
6|Mar 16 2011|15:25:49|302015|5.1.9.4|5.1.9.6|Built inbound UDP connection 588808 for outside:5.1.9.4/56536 (5.1.9.4/56536) to NP Identity Ifc:5.1.9.6/500 (5.1.9.6/500)

1 ACCEPTED SOLUTION

Accepted Solutions

Hi Mitang,

This is where your problem lies:

3|Mar 16 2011|15:26:01|713902|||Group = tesTGroup, Username =  GSDc2gsIdc, IP = 5.1.9.9, IKE: Dynamic-Access-Policy action is not  continue, abort connection

Please follow the path on ASDM and do the change:

Remote Access VPN > Dynamic Access-policy > DfltAccessPolicy > Edit > Action tab

Change the action to continue.

It should be good to go.

Hope this helps.

Regards,

Anisha

P.S.: please mark this thread as answered if you feel your query is resolved. Do rate helpful posts.

View solution in original post

3 REPLIES 3
Jennifer Halim
Cisco Employee

Seems like you have configured DAP (Dynamic Access Policies) which cause the VPN connection to fail.

Please disable DAP or check which policies are causing the issue.

Thanks for replay,

4|Mar 16 2011|15:26:01|713903|||Group = tesTGroup, Username = GSDc2gsIdc, IP = 5.1.9.9, Error: Unable to remove PeerTblEntry
3|Mar 16 2011|15:26:01|713902|||Group = tesTGroup, Username = GSDc2gsIdc, IP = 5.1.9.9, Removing peer from peer table failed, no match!
5|Mar 16 2011|15:26:01|713050|||Group = tesTGroup, Username = GSDc2gsIdc, IP = 5.1.9.9, Connection terminated for peer GSDc2gsIdc.  Reason: Peer Terminate  Remote Proxy N/A, Local Proxy N/A
3|Mar 16 2011|15:26:01|713902|||Group = tesTGroup, Username = GSDc2gsIdc, IP = 5.1.9.9, IKE: Dynamic Access Policy failure, aborting connection
3|Mar 16 2011|15:26:01|713902|||Group = tesTGroup, Username = GSDc2gsIdc, IP = 5.1.9.9, IKE: Dynamic-Access-Policy action is not continue, abort connection
5|Mar 16 2011|15:26:01|734002|||DAP: User GSDc2gsIdc, Addr 5.1.9.4: Connection terminated by the following DAP records: DfltAccessPolicy
6|Mar 16 2011|15:26:01|734001|||DAP: User GSDc2gsIdc, Addr 5.1.9.4, Connection IPSec: The following DAP records were selected for this connection: DfltAccessPolicy
6|Mar 16 2011|15:25:49|302015|5.1.9.4|5.1.9.6|Built inbound UDP connection 588808 for outside:5.1.9.4/56536 (5.1.9.4/56536) to NP Identity Ifc:5.1.9.6/500 (5.1.9.6/500)

Hi Mitang,

This is where your problem lies:

3|Mar 16 2011|15:26:01|713902|||Group = tesTGroup, Username =  GSDc2gsIdc, IP = 5.1.9.9, IKE: Dynamic-Access-Policy action is not  continue, abort connection

Please follow the path on ASDM and do the change:

Remote Access VPN > Dynamic Access-policy > DfltAccessPolicy > Edit > Action tab

Change the action to continue.

It should be good to go.

Hope this helps.

Regards,

Anisha

P.S.: please mark this thread as answered if you feel your query is resolved. Do rate helpful posts.

View solution in original post

Create
Recognize Your Peers
Polls
Which of these topics should we host an event in the Community?

Top Choice: ISE Demo (100%)

Content for Community-Ad