Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1396
Views
0
Helpful
2
Replies

[Site to Site VPN] Cisco ASA error : deny inbound protocol 50 src outside...

Patrick Tran
Level 1
Level 1

‎09-09-2015 05:02 AM

Hi,

I configured a IPSec Site to Site VPN between 2 Cisco ASA 5515X on ASA 9.4.1.

After configuration, on remote site, I got this erreur "Deny inbound protocol 50 src outside: central@IP dst outside: remote@IP."

I had to "enable traffic between two or more hosts connected to the same interface" to make it working...

Is this normal?

 

Thanks for your help,

 

Patrick

Labels:
0 Helpful
2 Replies 2

krishnangangster
Level 1
Level 1

‎09-09-2015 05:17 AM

Protocol 50 means ESP which is blocked.

If you can provide more information about the interfaces then only we can understand clearly.

0 Helpful

Patrick Tran
Level 1
Level 1
In response to krishnangangster

‎09-09-2015 05:46 AM

I thought Cisco ASA would unblock ESP 50 automatically for the peer I configured for Site to Site on IKEv2...

2 Cisco ASA are on Internet and communicate with their outside interfaces

Which information do you want? 

 

Thanks !!!

Patrick

0 Helpful
Customers Also Viewed These Support Documents