cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
681
Views
0
Helpful
2
Replies

Both IKE1 and IKE2 enabled

I have a HQ ASA and 25-30 locations configured with both IKE1 and IKE2. 

Does anyone know why this happens:

 

ike12.JPG

12-15 of the locations have two tunnels connect at the same time. As you see one IKE1 and one IKE2 tunnel. They each pass traffic on same crypto map, but different subnets. After reading I understand that Cisco ASA should prefer IKE2 and use IKE1 if the first is unable to negotiate. 

 

Running version 9.8.1 on the HQ asa and different flavours on remote site. But i have seen this behaviour with other version too.

 

Any advice?

Thanx

Please rate as helpful, if that would be the case. Thanx
2 Replies 2

Do you have identical traffic routed over the same tunnels

They are using the same cryptomap yes. 

Please rate as helpful, if that would be the case. Thanx