
site to site VPN not working with this error

shiran.wang
Level 1

Cisco UC500 Software (UC500-ADVIPSERVICESK9-M), Version 15.1(2)T2

Site-to-site VPN is not working, with this error.

site_A

003591: *Oct 22 16:22:13.241: ISAKMP: set new node 0 to QM_IDLE      
003592: *Oct 22 16:22:13.241: ISAKMP:(0):SA is still budding. Attached new ipsec request to it. (local 182.93.2x.x, remote 183.63.x.x)
003593: *Oct 22 16:22:13.241: ISAKMP: Error while processing SA request: Failed to initialize SA
003594: *Oct 22 16:22:13.241: ISAKMP: Error while processing KMI message 0, error 2.
003595: *Oct 22 16:22:13.241: ISAKMP:(0): retransmitting phase 1 MM_NO_STATE...
003596: *Oct 22 16:22:13.241: ISAKMP (0): incrementing error counter on sa, attempt 3 of 5: retransmit phase 1
003597: *Oct 22 16:22:13.241: ISAKMP:(0): retransmitting phase 1 MM_NO_STATE
003598: *Oct 22 16:22:13.241: ISAKMP:(0): sending packet to 183.63.x.x my_port 500 peer_port 500 (I) MM_NO_STATE
003599: *Oct 22 16:22:13.241: ISAKMP:(0):Sending an IKE IPv4 Packet.....
Success rate is 0 percent (0/5)
CPKMOCME#
003600: *Oct 22 16:22:23.241: ISAKMP:(0): retransmitting phase 1 MM_NO_STATE...
003601: *Oct 22 16:22:23.241: ISAKMP (0): incrementing error counter on sa, attempt 4 of 5: retransmit phase 1
003602: *Oct 22 16:22:23.241: ISAKMP:(0): retransmitting phase 1 MM_NO_STATE
003603: *Oct 22 16:22:23.241: ISAKMP:(0): sending packet to 183.63.x.x my_port 500 peer_port 500 (I) MM_NO_STATE
003604: *Oct 22 16:22:23.241: ISAKMP:(0):Sending an IKE IPv4 Packet.
003605: *Oct 22 16:22:33.241: ISAKMP:(0): retransmitting phase 1 MM_NO_STATE...
003606: *Oct 22 16:22:33.241: ISAKMP (0): incrementing error counter on sa, attempt 5 of 5: retransmit phase 1
003607: *Oct 22 16:22:33.241: ISAKMP:(0): retransmitting phase 1 MM_NO_STATE
003608: *Oct 22 16:22:33.241: ISAKMP:(0): sending packet to 183.63.x.x my_port 500 peer_port 500 (I) MM_NO_STATE
003609: *Oct 22 16:22:33.241: ISAKMP:(0):Sending an IKE IPv4 Packet.
003610: *Oct 22 16:22:43.242: ISAKMP:(0): retransmitting phase 1 MM_NO_STATE...
003611: *Oct 22 16:22:43.242: ISAKMP:(0):peer does not do paranoid keepalives.

003612: *Oct 22 16:22:43.242: ISAKMP:(0):deleting SA reason "Death by retransmission P1" state (I) MM_NO_STATE (peer 183.63.x.x)
003613: *Oct 22 16:22:43.242: ISAKMP:(0):deleting SA reason "Death by retransmission P1" state (I) MM_NO_STATE (peer 183.63.x.x)
003614: *Oct 22 16:22:43.242: ISAKMP: Unlocking peer struct 0x86019068 for isadb_mark_sa_deleted(), count 0
003615: *Oct 22 16:22:43.242: ISAKMP: Deleting peer node by peer_reap for 183.63.x.x: 86019068
003616: *Oct 22 16:22:43.242: ISAKMP:(0):deleting node -924415756 error FALSE reason "IKE deleted"
003617: *Oct 22 16:22:43.242: ISAKMP:(0):deleting node -11328370 error FALSE reason "IKE deleted"
003618: *Oct 22 16:22:43.242: ISAKMP:(0):Input = IKE_MESG_INTERNAL, IKE_PHASE1_DEL
003619: *Oct 22 16:22:43.242: ISAKMP:(0):Old State = IKE_I_MM1  New State = IKE_DEST_SA

003620: *Oct 22 16:22:46.386: ISAKMP (0): received packet from 183.63.x.x dport 500 sport 500 Global (N) NEW SA
003621: *Oct 22 16:22:46.386: ISAKMP: Created a peer struct for 183.63.x.x, peer port 500
003622: *Oct 22 16:22:46.386: ISAKMP: New peer created peer = 0x86019068 peer_handle = 0x80000079
003623: *Oct 22 16:22:46.386: ISAKMP: Locking peer struct 0x86019068, refcount 1 for crypto_isakmp_process_block
003624: *Oct 22 16:22:46.386: ISAKMP: local port 500, remote port 500
003625: *Oct 22 16:22:46.386: ISAKMP:(0):insert sa successfully sa = 8A8F4A4C
003626: *Oct 22 16:22:46.386: ISAKMP:(0):Input = IKE_MESG_FROM_PEER, IKE_MM_EXCH
003627: *Oct 22 16:22:46.386: ISAKMP:(0):Old State = IKE_READY  New State = IKE_R_MM1

003628: *Oct 22 16:22:46.390: ISAKMP:(0): processing SA payload. message ID = 0
003629: *Oct 22 16:22:46.390: ISAKMP:(0): processing vendor id payload
003630: *Oct 22 16:22:46.390: ISAKMP:(0): vendor ID seems Unity/DPD but major 69 mismatch
003631: *Oct 22 16:22:46.390: ISAKMP (0): vendor ID is NAT-T RFC 3947
003632: *Oct 22 16:22:46.390: ISAKMP:(0): processing vendor id payload
003633: *Oct 22 16:22:46.390: ISAKMP:(0): vendor ID seems Unity/DPD but major 245 mismatch
003634: *Oct 22 16:22:46.390: ISAKMP (0): vendor ID is NAT-T v7
003635: *Oct 22 16:22:46.390: ISAKMP:(0): processing vendor id payload
003636: *Oct 22 16:22:46.390: ISAKMP:(0): vendor ID seems Unity/DPD but major 157 mismatch
003637: *Oct 22 16:22:46.390: ISAKMP:(0): vendor ID is NAT-T v3
003638: *Oct 22 16:22:46.390: ISAKMP:(0): processing vendor id payload
003639: *Oct 22 16:22:46.390: ISAKMP:(0): vendor ID seems Unity/DPD but major 123 mismatch
003640: *Oct 22 16:22:46.390: ISAKMP:(0): vendor ID is NAT-T v2
003641: *Oct 22 16:22:46.390: ISAKMP:(0):found peer pre-shared key matching 183.63.x.x
003642: *Oct 22 16:22:46.390: ISAKMP:(0): local preshared key found
003643: *Oct 22 16:22:46.390: ISAKMP : Scanning profiles for xauth ...
003644: *Oct 22 16:22:46.390: ISAKMP:(0):Checking ISAKMP transform 1 against priority 1 policy
003645: *Oct 22 16:22:46.390: ISAKMP:      encryption 3DES-CBC
003646: *Oct 22 16:22:46.390: ISAKMP:      hash SHA
003647: *Oct 22 16:22:46.390: ISAKMP:      default group 5
003648: *Oct 22 16:22:46.390: ISAKMP:      auth pre-share
003649: *Oct 22 16:22:46.390: ISAKMP:      life type in seconds
003650: *Oct 22 16:22:46.390: ISAKMP:      life duration (basic) of 3600
003651: *Oct 22 16:22:46.390: ISAKMP:(0):atts are acceptable. Next payload is 3
003652: *Oct 22 16:22:46.390: ISAKMP:(0):Acceptable atts:actual life: 0
003653: *Oct 22 16:22:46.390: ISAKMP:(0):Acceptable atts:life: 0
003654: *Oct 22 16:22:46.390: ISAKMP:(0):Basic life_in_seconds:3600
003655: *Oct 22 16:22:46.390: ISAKMP:(0):Returning Actual lifetime: 3600
003656: *Oct 22 16:22:46.390: ISAKMP:(0)::Started lifetime timer: 3600.

003657: *Oct 22 16:22:46.390: ISAKMP:(0): processing vendor id payload
003658: *Oct 22 16:22:46.390: ISAKMP:(0): vendor ID seems Unity/DPD but major 69 mismatch
003659: *Oct 22 16:22:46.390: ISAKMP (0): vendor ID is NAT-T RFC 3947
003660: *Oct 22 16:22:46.390: ISAKMP:(0): processing vendor id payload
003661: *Oct 22 16:22:46.390: ISAKMP:(0): vendor ID seems Unity/DPD but major 245 mismatch
003662: *Oct 22 16:22:46.390: ISAKMP (0): vendor ID is NAT-T v7
003663: *Oct 22 16:22:46.390: ISAKMP:(0): processing vendor id payload
003664: *Oct 22 16:22:46.390: ISAKMP:(0): vendor ID seems Unity/DPD but major 157 mismatch
003665: *Oct 22 16:22:46.390: ISAKMP:(0): vendor ID is NAT-T v3
003666: *Oct 22 16:22:46.390: ISAKMP:(0): processing vendor id payload
003667: *Oct 22 16:22:46.390: ISAKMP:(0): vendor ID seems Unity/DPD but major 123 mismatch
003668: *Oct 22 16:22:46.390: ISAKMP:(0): vendor ID is NAT-T v2
003669: *Oct 22 16:22:46.394: ISAKMP:(0):Input = IKE_MESG_INTERNAL, IKE_PROCESS_MAIN_MODE
003670: *Oct 22 16:22:46.394: ISAKMP:(0):Old State = IKE_R_MM1  New State = IKE_R_MM1

003671: *Oct 22 16:22:46.394: ISAKMP:(0): constructed NAT-T vendor-rfc3947 ID
003672: *Oct 22 16:22:46.394: ISAKMP:(0): sending packet to 183.63.x.x my_port 500 peer_port 500 (R) MM_SA_SETUP
003673: *Oct 22 16:22:46.394: ISAKMP:(0):Sending an IKE IPv4 Packet.
003674: *Oct 22 16:22:46.394: ISAKMP:(0):Input = IKE_MESG_INTERNAL, IKE_PROCESS_COMPLETE
003675: *Oct 22 16:22:46.394: ISAKMP:(0):Old State = IKE_R_MM1  New State = IKE_R_MM2

003676: *Oct 22 16:22:56.382: ISAKMP (0): received packet from 183.63.x.x dport 500 sport 500 Global (R) MM_SA_SETUP
003677: *Oct 22 16:22:56.382: ISAKMP:(0): phase 1 packet is a duplicate of a previous packet.
003678: *Oct 22 16:22:56.382: ISAKMP:(0): retransmitting due to retransmit phase 1
003679: *Oct 22 16:22:56.882: ISAKMP:(0): retransmitting phase 1 MM_SA_SETUP...
003680: *Oct 22 16:22:56.882: ISAKMP (0): incrementing error counter on sa, attempt 1 of 5: retransmit phase 1
003681: *Oct 22 16:22:56.882: ISAKMP:(0): retransmitting phase 1 MM_SA_SETUP
003682: *Oct 22 16:22:56.882: ISAKMP:(0): sending packet to 183.63.x.x my_port 500 peer_port 500 (R) MM_SA_SETUP
003683: *Oct 22 16:22:56.882: ISAKMP:(0):Sending an IKE IPv4 Packet.
003684: *Oct 22 16:23:06.383: ISAKMP (0): received packet from 183.63.x.x dport 500 sport 500 Global (R) MM_SA_SETUP
003685: *Oct 22 16:23:06.383: ISAKMP:(0): phase 1 packet is a duplicate of a previous packet.
003686: *Oct 22 16:23:06.383: ISAKMP:(0): retransmitting due to retransmit phase 1
003687: *Oct 22 16:23:06.883: ISAKMP:(0): retransmitting phase 1 MM_SA_SETUP...
003688: *Oct 22 16:23:06.883: ISAKMP (0): incrementing error counter on sa, attempt 2 of 5: retransmit phase 1
003689: *Oct 22 16:23:06.883: ISAKMP:(0): retransmitting phase 1 MM_SA_SETUP
003690: *Oct 22 16:23:06.883: ISAKMP:(0): sending packet to 183.63.x.x my_port 500 peer_port 500 (R) MM_SA_SETUP
003691: *Oct 22 16:23:06.883: ISAKMP:(0):Sending an IKE IPv4 Packet.
003692: *Oct 22 16:23:16.383: ISAKMP (0): received packet from 183.63.x.x dport 500 sport 500 Global (R) MM_SA_SETUP
003693: *Oct 22 16:23:16.383: ISAKMP:(0): phase 1 packet is a duplicate of a previous packet.
003694: *Oct 22 16:23:16.383: ISAKMP:(0): retransmitting due to retransmit phase 1
003695: *Oct 22 16:23:16.883: ISAKMP:(0): retransmitting phase 1 MM_SA_SETUP...
003696: *Oct 22 16:23:16.883: ISAKMP (0): incrementing error counter on sa, attempt 3 of 5: retransmit phase 1
003697: *Oct 22 16:23:16.883: ISAKMP:(0): retransmitting phase 1 MM_SA_SETUP
003698: *Oct 22 16:23:16.883: ISAKMP:(0): sending packet to 183.63.x.x my_port 500 peer_port 500 (R) MM_SA_SETUP
003699: *Oct 22 16:23:16.883: ISAKMP:(0):Sending an IKE IPv4 Packet.
003700: *Oct 22 16:23:26.384: ISAKMP (0): received packet from 183.63.x.x dport 500 sport 500 Global (R) MM_SA_SETUP
003701: *Oct 22 16:23:26.384: ISAKMP:(0): phase 1 packet is a duplicate of a previous packet.
003702: *Oct 22 16:23:26.384: ISAKMP:(0): retransmitting due to retransmit phase 1
003703: *Oct 22 16:23:26.884: ISAKMP:(0): retransmitting phase 1 MM_SA_SETUP...
003704: *Oct 22 16:23:26.884: ISAKMP (0): incrementing error counter on sa, attempt 4 of 5: retransmit phase 1
003705: *Oct 22 16:23:26.884: ISAKMP:(0): retransmitting phase 1 MM_SA_SETUP
003706: *Oct 22 16:23:26.884: ISAKMP:(0): sending packet to 183.63.x.x my_port 500 peer_port 500 (R) MM_SA_SETUP
003707: *Oct 22 16:23:26.884: ISAKMP:(0):Sending an IKE IPv4 Packet.
003708: *Oct 22 16:23:33.244: ISAKMP:(0):purging node -924415756
003709: *Oct 22 16:23:33.244: ISAKMP:(0):purging node -11328370
003710: *Oct 22 16:23:36.384: ISAKMP (0): received packet from 183.63.x.x dport 500 sport 500 Global (R) MM_SA_SETUP
003711: *Oct 22 16:23:36.384: ISAKMP:(0): phase 1 packet is a duplicate of a previous packet.
003712: *Oct 22 16:23:36.384: ISAKMP:(0): retransmitting due to retransmit phase 1
003713: *Oct 22 16:23:36.884: ISAKMP:(0): retransmitting phase 1 MM_SA_SETUP...
003714: *Oct 22 16:23:36.884: ISAKMP (0): incrementing error counter on sa, attempt 5 of 5: retransmit phase 1
003715: *Oct 22 16:23:36.884: ISAKMP:(0): retransmitting phase 1 MM_SA_SETUP
003716: *Oct 22 16:23:36.884: ISAKMP:(0): sending packet to 183.63.x.x my_port 500 peer_port 500 (R) MM_SA_SETUP
003717: *Oct 22 16:23:36.884: ISAKMP:(0):Sending an IKE IPv4 Packet.
003718: *Oct 22 16:23:43.244: ISAKMP:(0):purging SA., sa=878F0118, delme=878F0118
003719: *Oct 22 16:23:46.884: ISAKMP:(0): retransmitting phase 1 MM_SA_SETUP...
003720: *Oct 22 16:23:46.884: ISAKMP:(0):peer does not do paranoid keepalives.

003721: *Oct 22 16:23:46.884: ISAKMP:(0):deleting SA reason "Death by retransmission P1" state (R) MM_SA_SETUP (peer 183.63.x.x)
003722: *Oct 22 16:23:46.884: ISAKMP:(0):deleting SA reason "Death by retransmission P1" state (R) MM_SA_SETUP (peer 183.63.x.x)
003723: *Oct 22 16:23:46.884: ISAKMP: Unlocking peer struct 0x86019068 for isadb_mark_sa_deleted(), count 0
003724: *Oct 22 16:23:46.884: ISAKMP: Deleting peer node by peer_reap for 183.63.x.x: 86019068
003725: *Oct 22 16:23:46.884: ISAKMP:(0):Input = IKE_MESG_INTERNAL, IKE_PHASE1_DEL
003726: *Oct 22 16:23:46.884: ISAKMP:(0):Old State = IKE_R_MM2  New State = IKE_DEST_SA

 

site_B

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.10.1, timeout is 2 seconds:
Packet sent with a source address of 192.168.20.1

003605: ISAKMP:(0): SA request profile is (NULL)
003606: ISAKMP: Created a peer struct for 182.93.2x.x, peer port 500
003607: ISAKMP: New peer created peer = 0x861289F4 peer_handle = 0x80000027
003608: ISAKMP: Locking peer struct 0x861289F4, refcount 1 for isakmp_initiator
003609: ISAKMP: local port 500, remote port 500
003610: ISAKMP: set new node 0 to QM_IDLE      
003611: ISAKMP:(0):insert sa successfully sa = 8AAB28E0
003612: ISAKMP:(0):Can not start Aggressive mode, trying Main mode.
003613: ISAKMP:(0):found peer pre-shared key matching 182.93.2x.x
003614: ISAKMP:(0): constructed NAT-T vendor-rfc3947 ID
003615: ISAKMP:(0): constructed NAT-T vendor-07 ID
003616: ISAKMP:(0): constructed NAT-T vendor-03 ID
003617: ISAKMP:(0): constructed NAT-T vendor-02 ID
003618: ISAKMP:(0):Input = IKE_MESG_FROM_IPSEC, IKE_SA_REQ_MM
003619: ISAKMP:(0):Old State = IKE_READY  New State = IKE_I_MM1

003620: ISAKMP:(0): beginning Main Mode exchange
003621: ISAKMP:(0): sending packet to 182.93.2x.x my_port 500 peer_port 500 (I) MM_NO_STATE
003622: ISAKMP:(0):Sending an IKE IPv4 Packet......
Success rate is 0 percent (0/5)
CPKZHCME#
003623: ISAKMP:(0): retransmitting phase 1 MM_NO_STATE...
003624: ISAKMP (0): incrementing error counter on sa, attempt 1 of 5: retransmit phase 1
003625: ISAKMP:(0): retransmitting phase 1 MM_NO_STATE
003626: ISAKMP:(0): sending packet to 182.93.2x.x my_port 500 peer_port 500 (I) MM_NO_STATE
003627: ISAKMP:(0):Sending an IKE IPv4 Packet.
003628: ISAKMP:(0): retransmitting phase 1 MM_NO_STATE...
003629: ISAKMP (0): incrementing error counter on sa, attempt 2 of 5: retransmit phase 1
003630: ISAKMP:(0): retransmitting phase 1 MM_NO_STATE
003631: ISAKMP:(0): sending packet to 182.93.2x.x my_port 500 peer_port 500 (I) MM_NO_STATE
003632: ISAKMP:(0):Sending an IKE IPv4 Packet.
003633: ISAKMP: set new node 0 to QM_IDLE      
003634: ISAKMP:(0):SA is still budding. Attached new ipsec request to it. (local 183.63.x.x, remote 182.93.2x.x)
003635: ISAKMP: Error while processing SA request: Failed to initialize SA
003636: ISAKMP: Error while processing KMI message 0, error 2.
003637: ISAKMP:(0): retransmitting phase 1 MM_NO_STATE...
003638: ISAKMP (0): incrementing error counter on sa, attempt 3 of 5: retransmit phase 1
003639: ISAKMP:(0): retransmitting phase 1 MM_NO_STATE
003640: ISAKMP:(0): sending packet to 182.93.2x.x my_port 500 peer_port 500 (I) MM_NO_STATE
003641: ISAKMP:(0):Sending an IKE IPv4 Packet.
003642: ISAKMP:(0): retransmitting phase 1 MM_NO_STATE...
003643: ISAKMP (0): incrementing error counter on sa, attempt 4 of 5: retransmit phase 1
003644: ISAKMP:(0): retransmitting phase 1 MM_NO_STATE
003645: ISAKMP:(0): sending packet to 182.93.2x.x my_port 500 peer_port 500 (I) MM_NO_STATE
003646: ISAKMP:(0):Sending an IKE IPv4 Packet.
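
One way to read the site_A debug above, as an added example that is not part of the original post: the script counts IKE packets sent and received in each phase 1 attempt and labels the state in which the SA died. The verdict names and the abridged sample lines are constructed for this illustration.

```python
import re

# Constructed sample: abridged lines in the format of the site_A debug above.
SAMPLE = """\
ISAKMP:(0): sending packet to 183.63.x.x my_port 500 peer_port 500 (I) MM_NO_STATE
ISAKMP (0): incrementing error counter on sa, attempt 5 of 5: retransmit phase 1
ISAKMP:(0):deleting SA reason "Death by retransmission P1" state (I) MM_NO_STATE (peer 183.63.x.x)
ISAKMP (0): received packet from 183.63.x.x dport 500 sport 500 Global (N) NEW SA
ISAKMP:(0): sending packet to 183.63.x.x my_port 500 peer_port 500 (R) MM_SA_SETUP
ISAKMP (0): received packet from 183.63.x.x dport 500 sport 500 Global (R) MM_SA_SETUP
ISAKMP:(0): phase 1 packet is a duplicate of a previous packet.
ISAKMP:(0):deleting SA reason "Death by retransmission P1" state (R) MM_SA_SETUP (peer 183.63.x.x)
"""

DEAD = re.compile(r'deleting SA reason "([^"]+)" state \((I|R)\) (\w+) \(peer (\S+)\)')


def summarize(log):
    """Return one record per phase 1 SA deleted in the debug output."""
    records, sent, recv, dups, last = [], 0, 0, 0, None
    for line in log.splitlines():
        if "sending packet to" in line:
            sent += 1
        elif "received packet from" in line:
            recv += 1
        elif "duplicate of a previous packet" in line:
            dups += 1
        elif (m := DEAD.search(line)):
            key = m.groups()
            if key == last and sent == recv == 0:
                continue  # the debug above shows each deletion line twice
            reason, role, state, peer = key
            if role == "I" and state == "MM_NO_STATE" and recv == 0:
                # We initiated and never saw any reply to our first message.
                verdict = "NO_REPLY_TO_MM1"
            elif role == "R" and state == "MM_SA_SETUP" and dups:
                # Peer keeps resending its first message, so it never
                # processed the reply we sent back.
                verdict = "MM2_REPLY_NOT_DELIVERED"
            else:
                verdict = "OTHER"
            records.append({"peer": peer, "role": role, "state": state,
                            "reason": reason, "sent": sent, "received": recv,
                            "duplicates": dups, "verdict": verdict})
            sent = recv = dups = 0
            last = key
    return records


if __name__ == "__main__":
    for rec in summarize(SAMPLE):
        print(rec)
```

Both verdicts together mean the local router receives the peer's UDP 500 packets but nothing it sends is acknowledged, which narrows the search to the path or filtering in one direction.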


Hi

Please check this link; apparently the lifetime association could be the problem:

https://learningnetwork.cisco.com/thread/61216

 

Hope it is useful

:-)




>> Mark as helpful or answered if the reply resolved the question; this helps future queries from other members of the community. <<

Hello,

 

post the configurations of both sides...

 

Thanks for your reply. Below is the configuration for both sides.

router_A configuration

crypto isakmp policy 1
 encr 3des
 authentication pre-share
 group 5
 lifetime 3600
!
crypto isakmp policy 10
 hash md5
 authentication pre-share
 lifetime 3600
crypto isakmp key KEY address 183.63.x.y
crypto isakmp keepalive 10 3
crypto isakmp nat keepalive 10
!
crypto ipsec security-association lifetime seconds 1800
!
crypto ipsec transform-set set-10 esp-3des esp-sha-hmac
!

!
crypto map to-central 10 ipsec-isakmp
 set peer 183.63.x.y
 set transform-set set-10
 match address mo-zh-acl

ip access-list extended mo-zh-acl
 permit ip 192.168.10.0 0.0.0.255 192.168.20.0 0.0.0.255

 

interface FastEthernet0/0
 description $FW_OUTSIDE$
 ip address 182.93.2x.x 255.255.255.248
 ip nat outside
 ip virtual-reassembly in
 load-interval 30
 duplex auto
 speed auto
 crypto map to-central

 

router_B configuration

crypto isakmp policy 1
 encr 3des
 authentication pre-share
 group 5  
 lifetime 3600
!
crypto isakmp policy 10
 hash md5
 authentication pre-share
 lifetime 3600
crypto isakmp key KEY address 182.93.x.x
crypto isakmp keepalive 10 3
crypto isakmp nat keepalive 10
!
crypto ipsec security-association lifetime seconds 1800
!
crypto ipsec transform-set set-10 esp-3des esp-sha-hmac

!
crypto map to-central 10 ipsec-isakmp
 set peer 182.93.x.x
 set transform-set set-10
 match address zh-mo

 

ip access-list extended zh-mo
 permit ip 192.168.20.0 0.0.0.255 192.168.10.0 0.0.0.255

 

interface FastEthernet0/0
 description $FW_OUTSIDE$
 ip address 183.63.x.y 255.255.255.252
 ip verify unicast reverse-path
 ip nat outside
 ip virtual-reassembly in
 load-interval 30
 duplex auto
 speed auto
 crypto map to-central

 

Are both sites running this version of code?

Cisco UC500 Software (UC500-ADVIPSERVICESK9-M), Version 15.1(2)T2

 

HTH

 

Rick


Yes, both sides have the same version.

Can you also show the loopback at each side and the routing for loopback and segment intended for the tunnel?
