
ASA IPsec VPN issues...

Y W
Level 1

Hello all,

I am getting the 412 remote peer not responding.

I have a bunch of ASA 5505 boxes all over the place.

I recently had a new box up but I could not connect to it. All other ASA 5505 boxes are perfectly connectable.

The configurations I went through line by line are identical to the other boxes, with the exception of timezone not set and, instead of using crypto isakmp encryption aes, it is using aes-192, same sha hash, group 2.

I have double-checked the IP address, it is valid. The IP address is also pingable.

It is not the group password because the status doesn't go further than contacting security gateway in the VPN client.

I checked with the ISP, they said that they do not share IPv4 addresses yet, and I have power cycled all equipment.

If anyone has any suggestions, I will appreciate it.

P.S. In my configurations, I don't see any access-list to allow incoming UDP port 500, even on the working boxes. So I assume the ASA auto unblocks it once you have a valid crypto map in place?


Y W
Level 1

This problem was put in the queue of TAC and then escalated to a senior engineer.

When we ran the debug crypto isakmp we found the box was rejecting IPsec VPN due to no suitable key combination found. And then it was noted that the IPsec VPN under Windows 7 does not support aes-192. The connection will only work under aes-128 or aes-256.

Closing this discussion.
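
An added example, not part of the original thread and not Cisco tooling: a check over saved ASA running-configs that flags any box with no IKE phase 1 policy whose encryption the client can match, which is the mismatch the reply describes. The client cipher set is taken from the reply; the box names and sample configs are constructed.

```python
import re

# Per the reply above: the client negotiated AES-128 or AES-256, not AES-192.
# In ASA policy syntax the keyword "aes" means AES-128.
CLIENT_CIPHERS = {"aes", "aes-256"}

# Matches both the older "crypto isakmp policy" and newer "crypto ikev1 policy" form.
POLICY_RE = re.compile(r"^crypto (?:isakmp|ikev1) policy (\d+)\s*$")

def parse_isakmp_policies(config):
    """Return {priority: {keyword: value}} for every IKE phase 1 policy block."""
    policies, current = {}, None
    for line in config.splitlines():
        header = POLICY_RE.match(line)
        if header:
            current = policies.setdefault(int(header.group(1)), {})
        elif current is not None and line.startswith(" "):
            parts = line.split(None, 1)
            if len(parts) == 2:
                current[parts[0]] = parts[1].strip()
        else:
            current = None  # any non-indented line ends the policy block
    return policies

def boxes_without_usable_policy(configs, client_ciphers=CLIENT_CIPHERS):
    """Names of boxes where no policy's encryption is one the client offers."""
    flagged = []
    for name, config in sorted(configs.items()):
        policies = parse_isakmp_policies(config).values()
        ciphers = {p.get("encryption") for p in policies}
        if not ciphers & set(client_ciphers):
            flagged.append(name)
    return flagged

# Constructed sample configs (box names and policy numbers are made up).
POLICY = ("crypto isakmp enable outside\ncrypto isakmp policy 10\n"
          " authentication pre-share\n encryption {}\n hash sha\n group 2\n")
SAMPLE_CONFIGS = {
    "working-box": POLICY.format("aes"),
    "new-box": POLICY.format("aes-192"),
}

if __name__ == "__main__":
    for box in boxes_without_usable_policy(SAMPLE_CONFIGS):
        print(f"{box}: no phase 1 policy matches the client's ciphers")
```
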