Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4797
Views
0
Helpful
1
Replies

AnyConnect Error: The Peer's KE payload contained the wrong DH group

Go to solution
aalsul
Level 1
Level 1

‎02-07-2019 10:59 AM - edited ‎02-21-2020 09:33 PM

I recently zeroized my keys and generated new ones. I've been looking at where to delete the old, cached key in AnyConnect, but I can't find it anywhere. I uninstalled the application and deleted remnant folders. I stopped and restarted the service. It still gives me an error whenever I connect:

 

Unknown IKEv2 Negotiation abored due to ERROR: The Peer's KE payload contained the wrong DH group

Unknown IKEv2 Negotiation abored due to ERROR: Failed to locate an item in the database

 

Log file from ASDM is attached, but it's formatted weirdly.

 

Thanks.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
aalsul
Level 1
Level 1

‎02-08-2019 06:15 AM

Found the issue: I didn't have a certificate on the ASA.

 

Resolution via ASDM is to navigate to: Device Management > Certificate Management > Identity certificate. I added one through there and was able to log in through AnyConnect again.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
aalsul
Level 1
Level 1

‎02-08-2019 06:15 AM

Found the issue: I didn't have a certificate on the ASA.

 

Resolution via ASDM is to navigate to: Device Management > Certificate Management > Identity certificate. I added one through there and was able to log in through AnyConnect again.

0 Helpful
Customers Also Viewed These Support Documents