HI we have an ASA 5510 with 8.4(7) with many working IPsec VPNS.
We have one new peer we are trying to connect but when they initiate VPN we do n ot respond.
I can see incoming IKE with destination UDP port 500 but SOURCE PORT is a high port eq 50223.
This is the only thing I can see differently from other VPNs that are working.
We see this IKE traffic come in via capture but debug ikev1 255 or any other crypto debug outputs nothing from this peer indicating ASA is not triggering IKE negotiation (crypto map setup correctly with peer etc) .
Do both incoming UDP ports need to be 500 for initial communication to work?