Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
871
Views
0
Helpful
3
Replies

easyvpn problem

abdul basit
Level 1
Level 1

‎08-30-2013 08:25 AM

my easy vpn was working alright and now i am trying to connect from some other location after a month and its giving me the following error, nothing seems wrong in configuration to me, what can be the problem ? i am using pix525

Aug 30 19:35:07 [IKEv1 DEBUG]: IP = 39.32.35.1, IKE Peer included IKE fragmentation capability flags:  Main Mode:        True  Aggressive Mode:  False

Aug 30 19:35:07 [IKEv1]: IP = 39.32.35.1, Connection landed on tunnel_group digitallib

Aug 30 19:35:07 [IKEv1]: Group = digitallib, IP = 39.32.35.1, No valid authentication type found for the tunnel group

Aug 30 19:35:07 [IKEv1 DEBUG]: Group = digitallib, IP = 39.32.35.1, IKE SA Proposal # 1, Transform # 7 acceptable  Matches global IKE entry # 3

Aug 30 19:35:13 [IKEv1]: Group = digitallib, IP = 39.32.35.1, Duplicate Phase 1 packet detected.  Retransmitting last packet.

Aug 30 19:35:13 [IKEv1]: Group = digitallib, IP = 39.32.35.1, P1 Retransmit msg dispatched to AM FSM

Aug 30 19:35:18 [IKEv1]: Group = digitallib, IP = 39.32.35.1, Duplicate Phase 1 packet detected.  Retransmitting last packet.

Aug 30 19:35:18 [IKEv1]: Group = digitallib, IP = 39.32.35.1, P1 Retransmit msg dispatched to AM FSM

Aug 30 19:35:23 [IKEv1]: Group = digitallib, IP = 39.32.35.1, Duplicate Phase 1 packet detected.  Retransmitting last packet.

Aug 30 19:35:23 [IKEv1]: Group = digitallib, IP = 39.32.35.1, P1 Retransmit msg dispatched to AM FSM

Aug 30 19:35:31 [IKEv1 DEBUG]: Group = digitallib, IP = 39.32.35.1, IKE AM Responder FSM error history (struct &0x33b3490)  <state>, <event>:  AM_DONE, EV_ERROR-->AM_WAIT_MSG3, EV_PROB_AUTH_FAIL-->AM_WAIT_MSG3, EV_TIMEOUT-->AM_WAIT_MSG3, NullEvent-->AM_SND_MSG2, EV_CRYPTO_ACTIVE-->AM_SND_MSG2, EV_SND_MSG-->AM_SND_MSG2, EV_START_TMR-->AM_SND_MSG2, EV_RESEND_MSG

Aug 30 19:35:31 [IKEv1]: Group = digitallib, IP = 39.32.35.1, Removing peer from peer table failed, no match!

Aug 30 19:35:31 [IKEv1]: Group = digitallib, IP = 39.32.35.1, Error: Unable to remove PeerTblEntry

Labels:
0 Helpful
3 Replies 3

Shaoqin Li
Level 3
Level 3

‎08-30-2013 08:40 AM

can you post the config?

Sent from Cisco Technical Support iPad App

0 Helpful

abdul basit
Level 1
Level 1
In response to Shaoqin Li

‎08-30-2013 08:52 AM

configuration are

group-policy digitallib internal

group-policy digitallib attributes

split-tunnel-policy tunnelspecified

split-tunnel-network-list value digitalclients

crypto ipsec transform-set router-set esp-des esp-sha-hmac

crypto ipsec transform-set digitallib esp-aes esp-sha-hmac

crypto dynamic-map cisco 1 set transform-set router-set

crypto dynamic-map cisco 1 set reverse-route

crypto dynamic-map REMOTE 100 set transform-set digitallib

crypto map dyn-map 10 ipsec-isakmp dynamic cisco

crypto map STATIC 90 ipsec-isakmp dynamic REMOTE

crypto map STATIC interface outside

crypto isakmp enable outside

crypto isakmp policy 80

authentication pre-share

encryption aes

hash sha

group 2

lifetime 86400

crypto isakmp policy 100

authentication pre-share

encryption des

hash sha

group 2

lifetime 86400

crypto isakmp nat-traversal  20

isakmp keepalive threshold 30 retry 10

tunnel-group digitallib type ipsec-ra

tunnel-group digitallib general-attributes

address-pool digitallibpool

default-group-policy digitallib

tunnel-group digitallib ipsec-attributes

pre-shared-key *

isakmp ikev1-user-authentication none

0 Helpful

abdul basit
Level 1
Level 1
In response to abdul basit

‎08-30-2013 02:19 PM

some  one please help me

0 Helpful
Customers Also Viewed These Support Documents