Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
761
Views
0
Helpful
0
Replies

Cisco 8861 VPN DTLS Tunnel Fails

Daniel Madain
Level 1
Level 1

‎04-23-2019 11:42 AM

Hello Fellow Network Warriors,

 

I am having an issue with VPN phones (Cisco 8861) and the ASA (5585X). We have VPN services fully working until we enable the DTLS tunnel for this VPN profile.

 

After enabling DTLS and testing we receive the following "error: activating tunnel group scripts" and VPN seizes to work on the phones after that until we disable DTLS again. 

 

I also found this bug (https://bst.cloudapps.cisco.com/bugsearch/bug/CSCve20438/?rfs=iqvred) that may seem related but we are on 9.6.4(18) which the bug states is a "fixed release".

 

Any help would be greatly appreciated.

 

group-policy GroupPolicy1 internal
group-policy GroupPolicy1 attributes
wins-server value X.X.X.X X.X.X.X
dns-server value X.X.X.X X.X.X.X
vpn-tunnel-protocol ssl-client
webvpn
anyconnect ssl dtls none


group-policy SSL_PHONE_GroupPolicy internal
group-policy SSL_PHONE_GroupPolicy attributes
vpn-tunnel-protocol ssl-client

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents