11-15-2018 11:48 PM
Dear cummunity,
I'm trying to use a RV 340 Router to establish a Site to Site VPN to two ASAs.
I configured the tunnels several times and made 100% sure that the configuration is identical.
On both ASAs the PHASE 1 is completed successfully but the session is quit immediately after that with the following message:
PHASE 1 COMPLETED Aug 21 07:51:26 [IKEv1]IP = XXX.XXX.XXX.XXX, Keep-alive type for this connection: DPD Aug 21 07:51:26 [IKEv1 DEBUG]Group = XXX.XXX.XXX.XXX, IP = XXX.XXX.XXX.XXX, Starting P1 rekey timer: 27360 seconds. Aug 21 07:51:26 [IKEv1]Group = XXX.XXX.XXX.XXX, IP = XXX.XXX.XXX.XXX, Add to IKEv1 Tunnel Table succeeded for SA with logical ID 96706560 Aug 21 07:51:26 [IKEv1]Group = XXX.XXX.XXX.XXX, IP = XXX.XXX.XXX.XXX, Add to IKEv1 MIB Table succeeded for SA with logical ID 96706560 Aug 21 07:51:26 [IKEv1]IKE Receiver: Packet received on 10.10.100.1:4500 from XXX.XXX.XXX.XXX:4500 Aug 21 07:51:26 [IKEv1]IP = XXX.XXX.XXX.XXX, IKE_DECODE RECEIVED Message (msgid=9aabc695) with payloads : HDR + HASH (8) + DELETE (12) + NONE (0) total length : 80 Aug 21 07:51:26 [IKEv1 DEBUG]Group = XXX.XXX.XXX.XXX, IP = XXX.XXX.XXX.XXX, processing hash payload Aug 21 07:51:26 [IKEv1 DEBUG]Group = XXX.XXX.XXX.XXX, IP = XXX.XXX.XXX.XXX, processing delete Aug 21 07:51:26 [IKEv1]Group = XXX.XXX.XXX.XXX, IP = XXX.XXX.XXX.XXX, Connection terminated for peer XXX.XXX.XXX.XXX. Reason: Peer Terminate Remote Proxy 0.0.0.0, Local Proxy 0.0.0.0 Aug 21 07:51:26 [IKEv1]Group = XXX.XXX.XXX.XXX, IP = XXX.XXX.XXX.XXX, Remove from IKEv1 Tunnel Table succeeded for SA with logicalId 96706560 Aug 21 07:51:26 [IKEv1]Group = XXX.XXX.XXX.XXX, IP = XXX.XXX.XXX.XXX, Remove from IKEv1 MIB Table succeeded for SA with logical ID 96706560 Aug 21 07:51:26 [IKEv1 DEBUG]Group = XXX.XXX.XXX.XXX, IP = XXX.XXX.XXX.XXX, IKE SA MM:b2554993 terminating: flags 0x0101c802, refcnt 0, tuncnt 0 Aug 21 07:51:26 [IKEv1]Group = XXX.XXX.XXX.XXX, IP = XXX.XXX.XXX.XXX, Warning: Ignoring IKE SA (src) without VM bit set Aug 21 07:51:26 [IKEv1]Group = XXX.XXX.XXX.XXX, IP = XXX.XXX.XXX.XXX, Session is being torn down. Reason: User Requested
First I don't understand why Remote and Local Proxy is stated with the IP adress 0.0.0.0
Second if I use a RV180 with the exact same settings the tunnels come up immediately.
Desperate for any advice.
Thanks.
Solved! Go to Solution.
11-20-2018 03:34 AM
12-02-2018 11:26 AM
Just by asking me for the logs I took another close look at the logs.
The identifiers didn't match.
Thanks :D
11-16-2018 09:14 AM
Suggest to Compare your crypto acl's on both devices. (information should be same)
crypto acl of "permit any to any" - this is bad way.
11-20-2018 03:34 AM
12-02-2018 11:26 AM
Just by asking me for the logs I took another close look at the logs.
The identifiers didn't match.
Thanks :D
12-02-2018 05:57 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide