Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3046
Views
0
Helpful
2
Replies

Cisco ASA 5505 site to site IPSec VPN with RV220W issue

lawyuitai
Level 1
Level 1

‎09-21-2012 01:54 AM - edited ‎02-21-2020 06:21 PM

I have a ASA5505 connected to RV220W through IPSec VPN. When  using SMB to transfer large file, the ASA5505 will show error message:

CTM ERROR: Invalid input parameters, ctm_get_scb_prot_stats:1561

The error message from the debug crypto engine. When  the message show, the speed of the transfer will slow down quickly, and  even no data can be go through between ASA and the RV220W. But the IPSec  SA and the IKE SA is active, and can ping the inside network in both  site.

Both ASA5505 and the RV220W has been updated the latest firmware. I have surf the Google but no such related issue found.

Any suggestions on where to look would be much appreciated.

Thanks in advance

Terry

Labels:
0 Helpful
2 Replies 2

ted.engels
Level 1
Level 1

‎09-24-2012 09:17 PM

I have the exact same error recurring on a Site-to-Site VPN between a Cisco ASA 5505 and a Cisco ASA 5510. I have not been able to resolve the issues yet.

The difference between the symptoms we are experiencing is that the Cisco for the branch office is unable to ping only part of the network on the central office. And yes we have correctly defined the local and remote protected networks.

If I find anything usefull I will let you know, please do likewise.

Regards,

Ted

0 Helpful

lawyuitai
Level 1
Level 1
In response to ted.engels

‎09-26-2012 09:40 AM

Hi Ted thanks for your reply and information.

The strange things happened in RV220W shows the IPSec sa is expired, but the ASA5505 IPSec and IKEv1 sa is active. Inside both site internal network can ping to other side, but cant transfer file through Windows SMB. It seems when I transfer over 4GBytes of file, it will start happening and required clear IPSec and IKEv1 sa so that the VPN tunnel will start up again.

I am already surrander for this issue......

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents