cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1194
Views
0
Helpful
1
Replies

ESP error 402116

charlie.ford
Level 1
Level 1

I would like to ask your help solving a VPN issue with the device on the far end.

I have one established IPSec tunnel between the host at the far end. When they try to eatablise a second IPSec tunnel to our seconf IP we get this error

May  9 18:51:51 odc-np-gw %ASA-4-402116: IPSEC: Received an ESP packet (SPI= 0x47995CC7, sequence number= 0xCF) from 23.24.138.185 (user= 23.24.138.185) to 205.144.144.4.  The decapsulated inner packet doesn't match the negotiated policy in the SA.  The packet specifies its destination as 205.144.158.29, its source as 23.24.138.189, and its protocol as icmp.  The SA specifies its local proxy as 205.144.158.30/255.255.255.255/ip/0 and its remote_proxy as 23.24.138.189/255.255.255.255/ip/0.

23.24.138.185 is the far end peer

205.144.144.4 is the local peer

23.24.138.189 is the remote configured protected host

205.144.158.29 is the local configured protected host

205.144.158.30 is the working local configured protected host

I can supply everything if you wish but I just need some direction. I believe we have a Cisco 5540 on the far end also.

1 Reply 1

Mohammad Alhyari
Cisco Employee
Cisco Employee

HI Mate ,

before focusing on this message , what about the following :

IKE phase 1

IKE phase 2

debug cry isa

debug cry ipsec

show cry isa sa

show crypto ipsec sa peer

cheers.

Mohammad.