Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
646
Views
5
Helpful
1
Replies

Is there any command or debug/Log error to detect that other end has entered worng VPN peer IP

mdnahidmomen
Level 1
Level 1

‎07-08-2020 07:03 AM

Hi Everyone,
I work as a network Specialist, and is responsible for creating and troubleshooting VPN connectivity between DATA Centers to client and vice versa. 
While troubleshooting , among many other reason , I find that sometime the other end engineer by mistake typed wrong peer ip (my end IP).
Now my Question is , Is there any cisco ASA command to detect such issue. Or any other debug message or Log error, where one can understand ahh my peer colleague has entered wrong peer IP.
Example:
Myip: A
client IP: B
VPN does not come up after going all through VPN troubleshoot procedures came to conclusion that client has entered IP C as Peer Ip.
Is it possible to detect form my end that peer has worng IP as C.

I was hunting for three days in Internet , but no solution. That is why I came to seek help to my Cisco Community.

Thank you in Advance. 

Regards
Nahid

Labels:
0 Helpful
1 Reply 1

Sheraz.Salim
VIP
VIP

‎07-08-2020 03:55 PM

I can understand you pain. I come across some time these issue when setup up vpn in DC for other client. some time human error get involve typo error etc. I am afraid there is no command to tell you.

 

in ikev1 version if you the initiator and if the tunnel is not coming up you will see the message MM_WAIT_MSG2 Initiator. but having said that you will see some other messages too.

 

 

please do not forget to rate.
Customers Also Viewed These Support Documents