Hello Support,

I am trying to configure a site to site VPN with ASA 5510, One ASA is behind a NAT device. Please find the setup

SITE A

LAN -----> ASA ------> NAT Router -----> Internet

SITE B

LAN -----> ASA ------> Internet.

Configured the site A as Orginate-Only and Site B as answer only. Am not able to estabish the tunnel as phase 2 is failing. Please find the error from both ASA's .I have enabled the NAT-T

Site A ASA Ipsec error log

Group = (site B Public IP)X.X.X.X, IP = X.X.X.X, Removing peer from correlator table failed, no match!
Group = (site B Public IP)X.X.X.X, IP = X.X.X.X, Connection terminated for peer X.X.X.X. Reason: Peer Terminate Remote Proxy 0.0.0.0, Local Proxy 0.0.0.0
Group = (site B Public IP)X.X.X.X, IP = X.X.X.X, Received non-routine Notify message: Invalid ID info (18)
Group = (site B Public IP)X.X.X.X, IP = X.X.X.X, PHASE 1 COMPLETED

Site B ASA Ipsec error log

Group = (site A Public IP)X.X.X.X, IP = (site A Public IP)X.X.X.X, Removing peer from correlator table failed, no match!
Group = (site A Public IP)X.X.X.X, IP = (site A Public IP)X.X.X.X, QM FSM error (P2 struct &0xbc8e7540, mess id 0xa91f6d6f)!
Group = (site A Public IP)X.X.X.X, IP = (site A Public IP)X.X.X.X, Rejecting IPSec tunnel: no matching crypto map entry for remote proxy (Site A ASA outside interface ip)192.168.2.2/255.255.255.255/0/0 local proxy (site B Public IP)X.X.X.X/255.255.255.255/0/0 on interface outside
Group = (site A Public IP)X.X.X.X, IP = (site A Public IP)X.X.X.X, PHASE 1 COMPLETED.

Please provide me the correct configuration required.Is any problem with my NAT device configuration ?