08-30-2013 08:25 AM
my easy vpn was working alright and now i am trying to connect from some other location after a month and its giving me the following error, nothing seems wrong in configuration to me, what can be the problem ? i am using pix525
Aug 30 19:35:07 [IKEv1 DEBUG]: IP = 39.32.35.1, IKE Peer included IKE fragmentation capability flags: Main Mode: True Aggressive Mode: False
Aug 30 19:35:07 [IKEv1]: IP = 39.32.35.1, Connection landed on tunnel_group digitallib
Aug 30 19:35:07 [IKEv1]: Group = digitallib, IP = 39.32.35.1, No valid authentication type found for the tunnel group
Aug 30 19:35:07 [IKEv1 DEBUG]: Group = digitallib, IP = 39.32.35.1, IKE SA Proposal # 1, Transform # 7 acceptable Matches global IKE entry # 3
Aug 30 19:35:13 [IKEv1]: Group = digitallib, IP = 39.32.35.1, Duplicate Phase 1 packet detected. Retransmitting last packet.
Aug 30 19:35:13 [IKEv1]: Group = digitallib, IP = 39.32.35.1, P1 Retransmit msg dispatched to AM FSM
Aug 30 19:35:18 [IKEv1]: Group = digitallib, IP = 39.32.35.1, Duplicate Phase 1 packet detected. Retransmitting last packet.
Aug 30 19:35:18 [IKEv1]: Group = digitallib, IP = 39.32.35.1, P1 Retransmit msg dispatched to AM FSM
Aug 30 19:35:23 [IKEv1]: Group = digitallib, IP = 39.32.35.1, Duplicate Phase 1 packet detected. Retransmitting last packet.
Aug 30 19:35:23 [IKEv1]: Group = digitallib, IP = 39.32.35.1, P1 Retransmit msg dispatched to AM FSM
Aug 30 19:35:31 [IKEv1 DEBUG]: Group = digitallib, IP = 39.32.35.1, IKE AM Responder FSM error history (struct &0x33b3490) <state>, <event>: AM_DONE, EV_ERROR-->AM_WAIT_MSG3, EV_PROB_AUTH_FAIL-->AM_WAIT_MSG3, EV_TIMEOUT-->AM_WAIT_MSG3, NullEvent-->AM_SND_MSG2, EV_CRYPTO_ACTIVE-->AM_SND_MSG2, EV_SND_MSG-->AM_SND_MSG2, EV_START_TMR-->AM_SND_MSG2, EV_RESEND_MSG
Aug 30 19:35:31 [IKEv1]: Group = digitallib, IP = 39.32.35.1, Removing peer from peer table failed, no match!
Aug 30 19:35:31 [IKEv1]: Group = digitallib, IP = 39.32.35.1, Error: Unable to remove PeerTblEntry
08-30-2013 08:40 AM
can you post the config?
Sent from Cisco Technical Support iPad App
08-30-2013 08:52 AM
configuration are
group-policy digitallib internal
group-policy digitallib attributes
split-tunnel-policy tunnelspecified
split-tunnel-network-list value digitalclients
crypto ipsec transform-set router-set esp-des esp-sha-hmac
crypto ipsec transform-set digitallib esp-aes esp-sha-hmac
crypto dynamic-map cisco 1 set transform-set router-set
crypto dynamic-map cisco 1 set reverse-route
crypto dynamic-map REMOTE 100 set transform-set digitallib
crypto map dyn-map 10 ipsec-isakmp dynamic cisco
crypto map STATIC 90 ipsec-isakmp dynamic REMOTE
crypto map STATIC interface outside
crypto isakmp enable outside
crypto isakmp policy 80
authentication pre-share
encryption aes
hash sha
group 2
lifetime 86400
crypto isakmp policy 100
authentication pre-share
encryption des
hash sha
group 2
lifetime 86400
crypto isakmp nat-traversal 20
isakmp keepalive threshold 30 retry 10
tunnel-group digitallib type ipsec-ra
tunnel-group digitallib general-attributes
address-pool digitallibpool
default-group-policy digitallib
tunnel-group digitallib ipsec-attributes
pre-shared-key *
isakmp ikev1-user-authentication none
08-30-2013 02:19 PM
some one please help me
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide