06-13-2018 02:21 AM - edited 03-12-2019 05:22 AM
Hi All,
I'm trying to get a S2S tunnel between ASA and Juniper up and running, but I'm getting the following error in the ASA log:
Jun 13 2018 11:14:18: %ASA-3-751022: Local:ASASide:500 Remote:JuniperSide:500 Username:JuniperSide IKEv2 Tunnel rejected: Crypto Map Policy not found for remote traffic selector 0.0.0.0/255.255.255.255/0/65535/0 local traffic selector 0.0.0.0/255.255.255.255/0/65535/0!
I'm having some trouble understanding whether this is some configuration issue on my (ASA) side or the remote (Juniper) side, since it's a pretty simple configuration.
Output of show crypto ikev2 sa detail:
IKEv2 SAs:

Session-id:315, Status:UP-IDLE, IKE count:1, CHILD count:0

Tunnel-id    Local          Remote            Status    Role
1298385459   ASASide/500    JuniperSide/500   READY     RESPONDER
      Encr: AES-CBC, keysize: 256, Hash: SHA256, DH Grp:14, Auth sign: PSK, Auth verify: PSK
      Life/Active Time: 28800/2010 sec
      Session-id: 315
      Status Description: Negotiation done
      Local spi: XXXXXXXXXXXXX       Remote spi: XXXXXXXXXXXXXXXX
      Local id: ASASide
      Remote id: JuniperSide
      Local req mess id: 0           Remote req mess id: 35
      Local next mess id: 0          Remote next mess id: 35
      Local req queued: 0            Remote req queued: 35
      Local window: 1                Remote window: 1
      DPD configured for 10 seconds, retry 2
      NAT-T is not detected
      IKEv2 Fragmentation Configured MTU: 576 bytes, Overhead: 28 bytes, Effective MTU: 548 bytes
      Parent SA Extended Status:
            Delete in progress: FALSE
            Marked for delete: FALSE