Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi
Trying to build VPN between ASA and Juniper FW.
I have ASA on one end and the other end is Junipser SRX that sits behind another Juniper FW.
I am using ikev2 and phase 1 comes up but phas2 is failing.
Please can someone help and look at the AS...
Hi All
Thanks for your help I have managed to fix the issue. My Core SRX was dropping the traffic for port 4500. I did share the log in my previous post under "SRX-NG-Droping-UDP4500".
This was due to ike protocol that was not enabled on the SRX ...
Hi Thanks for reply
Let me share my Topology for better understanding
Yes ASA FW is a respondent and SRX FW is the one that initiates the the VPN negotiation.
IP 197.168.10.10 is the Nated IP and FW that initiates the VPN negotiation has the origi...
On ASA I see the following error but could not understand : |
length: 256IKEv2-PROTO-1: A supplied parameter is incorrectIKEv2-PROTO-1:IKEv2-PROTO-1: Could not find neg contextIKEv2-PROTO-1: Couldn't find matching SA
Hi
Thanks for the reply I have matched integrity on both ends but still, VPN has not come up
ASA kind of build the Phase 1 and Phase 2 but on SRX don't see any SA and keeps negotiation failing
root@CORE-SRX>
ID Port Gateway ...
