Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
677
Views
0
Helpful
1
Replies

Cisco ASA site-to-site old vpn tunnel error processing payload

Go to solution
Jaygugaliga
Level 1
Level 1

‎10-27-2021 09:50 AM

Hi, We had a IPSec tunnel with a partner in the past but we don't need to have that tunnel up anymore.

I have removed the tunnel on my end via ASDM but I still an error in the ASA logs

"IP={ex-vendor IP], Error processing payload: Payload ID:1

Is this because they have not removed the tunnel config on their end? - I assume that if I remove from my ASA, this should not be logged anymore.

I don't have control of the remote VPN device/firewall. 

Is there anyway to stop the logging at least (I know it's not a big issue but I would like to not see this in the logs).

 

Thank You

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP

‎10-27-2021 09:59 AM

Hi @Jaygugaliga yes, more than likely the vendor VPN is still attempting to establish a VPN tunnel. Assuming it is a Policy Based VPN, then probably a device on the remote end is sending traffic to your server, so their VPN device will attempt to establish a tunnel and fail.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Rob Ingram
VIP
VIP

‎10-27-2021 09:59 AM

Hi @Jaygugaliga yes, more than likely the vendor VPN is still attempting to establish a VPN tunnel. Assuming it is a Policy Based VPN, then probably a device on the remote end is sending traffic to your server, so their VPN device will attempt to establish a tunnel and fail.

0 Helpful
Customers Also Viewed These Support Documents