Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
694
Views
0
Helpful
1
Replies

Establish Site to Site IPSec tunnel between Cisco ASA 5520 and Cisco VPN 3030 Concentrator

dpatkins
Level 1
Level 1

‎02-18-2013 01:57 PM - edited ‎02-21-2020 06:42 PM

All,

I am stuck.  We have configured a site to site tunnel from our ASA to another organizations Cisco 3030.  It appears to have just one way initiation.  We can do a ping to a device on the remote site and it will ping just fine.  however, when the tunnel needs to be initiated from the remote site, it will not work until we have initiated the tunnel and then everything works.

I continue to see Error processing payload: Payload ID: 1 errors on the ASDM logs.

It appears that all the configuration is in place because we can in fact establish the IPSec tunnel unidirectional.  And once established, traffic can flow bidirectional.

Any ideas?


Thank you

Labels:
0 Helpful
1 Reply 1

Jennifer Halim
Cisco Employee
Cisco Employee

‎02-19-2013 07:24 PM

Is there any device in between the ASA and Concentrator 3030 (whether it's in front of the ASA, or in front of the 3030) that is doing stateful firewall, whereby access is not allowed from remote towards your ASA?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents