Hello,

I have created a new context in cisco ASA5525 and configured site to site VPN in context. Phase -1 is not coming up and i am getting the below messages while running debug.  We have a tunnel configured to same peer IP from a diffrent location however the tunnel has come up in that ASA.

%ASA-7-715047: IP = 212.9.5.245, processing VID payload

%ASA-7-715049: IP = 212.9.5.245, Received DPD VID

%ASA-7-715047: IP = 212.9.5.245, processing VID payload

%ASA-7-715038: IP = 212.9.5.245, Processing IOS/PIX Vendor ID payload (version: 1.0.0, capabilities: 0000077f)

%ASA-7-715047: IP = 212.9.5.245, processing VID payload

%ASA-7-715049: IP = 212.9.5.245, Received xauth V6 VID

%ASA-7-715047: IP = 212.9.5.245, processing NAT-Discovery payload

%ASA-7-713906: IP = 212.9.5.245, computing NAT Discovery hash

%ASA-7-715047: IP = 212.9.5.245, processing NAT-Discovery payload

%ASA-7-713906: IP = 212.9.5.245, computing NAT Discovery hash

%ASA-7-713906: IP = 212.9.5.245, Connection landed on tunnel_group 212.9.5.245

%ASA-7-713906: Group = 212.9.5.245, IP = 212.9.5.245, Generating keys for Initiator...

%ASA-7-715046: Group = 212.9.5.245, IP = 212.9.5.245, constructing ID payload

%ASA-7-715046: Group = 212.9.5.245, IP = 212.9.5.245, constructing hash payload

%ASA-7-715076: Group = 212.9.5.245, IP = 212.9.5.245, Computing hash for ISAKMP

%ASA-7-715034: IP = 212.9.5.245, Constructing IOS keep alive payload: proposal=32767/32767 sec.

%ASA-7-715046: Group = 212.9.5.245, IP = 212.9.5.245, constructing dpd vid payload

%ASA-7-713236: IP = 212.9.5.245, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + ID (5) + HASH (8) + IOS KEEPALIVE (128) + VENDOR (13) + NONE (0) total length : 96

%ASA-6-713172: Group = 212.9.5.245, IP = 212.9.5.245, Automatic NAT Detection Status:     Remote end   IS   behind a NAT device     This   end   IS   behind a NAT device

%ASA-7-713236: IP = 212.9.5.245, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + ID (5) + HASH (8) + NONE (0) total length : 64

%ASA-7-715047: Group = 212.9.5.245, IP = 212.9.5.245, processing ID payload

%ASA-7-714011: Group = 212.9.5.245, IP = 212.9.5.245, ID_IPV4_ADDR ID received

192.168.91.50

%ASA-7-715047: Group = 212.9.5.245, IP = 212.9.5.245, processing hash payload

%ASA-7-715076: Group = 212.9.5.245, IP = 212.9.5.245, Computing hash for ISAKMP

%ASA-7-713906: IP = 212.9.5.245, Connection landed on tunnel_group 212.9.5.245

%ASA-7-715059: Group = 212.9.5.245, IP = 212.9.5.245, Proposing only UDP-Encapsulated-Tunnel and  UDP-Encapsulated-Transport modes defined by NAT-Traversal

%ASA-5-713239: Group = 212.9.5.245, IP = 212.9.5.245, Tunnel Rejected: The maximum tunnel count allowed has been reached

%ASA-7-715065: Group = 212.9.5.245, IP = 212.9.5.245, IKE MM Initiator FSM error history (struct &0x00007fff3c246df0)  <state>, <event>:  MM_DONE, EV_ERROR-->MM_I_DONE_H, EV_GET_DSID-->MM_I_DONE_H, EV_IS_REKEYED-->MM_I_DONE_H, EV_TEST_CERT-->MM_I_DONE_H, EV_CHECK_NAT_T-->MM_I_DONE_H, EV_GROUP_LOOKUP-->MM_I_DONE, EV_GROUP_LOOKUP-->MM_WAIT_MSG6, EV_PROCESS_MSG

%ASA-7-713906: Group = 212.9.5.245, IP = 212.9.5.245, IKE SA MM:7064b326 terminating:  flags 0x0100c022, refcnt 0, tuncnt 0

%ASA-7-713906: Group = 212.9.5.245, IP = 212.9.5.245, sending delete/delete with reason message

%ASA-4-752012: IKEv1 was unsuccessful at setting up a tunnel.  Map Tag = FW1.  Map Sequence Number = 20.

%ASA-3-752015: Tunnel Manager has failed to establish an L2L SA.  All configured IKE versions failed to establish the tunnel. Map Tag= FW1.  Map Sequence Number = 20.

%ASA-7-752002: Tunnel Manager Removed entry.  Map Tag = FW1.  Map Sequence Number = 20.

%ASA-7-715046: Group = 212.9.5.245, IP = 212.9.5.245, constructing blank hash payload

%ASA-7-715046: Group = 212.9.5.245, IP = 212.9.5.245, constructing IKE delete payload

%ASA-7-715046: Group = 212.9.5.245, IP = 212.9.5.245, constructing qm hash payload

%ASA-7-713236: IP = 212.9.5.245, IKE_DECODE SENDING Message (msgid=ed6f74d2) with payloads : HDR + HASH (8) + DELETE (12) + NONE (0) total length : 80

%ASA-5-713904: IP = 212.9.5.245, Received encrypted packet with no matching SA, dropping

%ASA-5-111008: User 'admin' executed the 'packet-tracer input inside tcp 10.155.36.132 13456 10.10.63.1 3389' command.

%ASA-5-111010: User 'admin', running 'CLI' from IP 10.224.45.30, executed 'packet-tracer input inside tcp 10.155.36.132 13456 10.10.63.1 3389'

Thanks

Soumya