01-09-2012 11:19 AM - edited 02-21-2020 05:48 PM
Hello,
We configured a site-to-site VPN using a Cisco RVS4000 at one end and TMG at the other. When we initiate (PING) communication from a client on the TMG LAN, the link is UP and traffic flows both ways. However, if we start the communication from the Cisco LAN, the PINGs time-out and the link stays DOWN. Cisco's VPN log file is enclosed.
We verified that the IPSec settings at each end match and also tried updating the firmware to 2.0.2.7. Each side of thje tunnel uses a public IP address with no NAT devices in between.
Any ideas or suggestions appreciated.
Ian
Solved! Go to Solution.
01-13-2012 10:14 AM
01-13-2012 10:14 AM
I have the same exact issue
anybody have a fix
01-24-2012 06:05 AM
Can anyone help with this? TMG to TMG works fine. Problem initiating IPSEC site-to-site from Cisco router to TMG...
Thanks,
Ian
01-25-2012 06:58 AM
Here's a section of the router's log: Jan 6 22:44:36 - [VPN Log]: "HO_VPN" #1: message ignored because it contains an unknown or unexpected payload type (ISAKMP_NEXT_NAT-D) at the outermost level Jan 6 22:44:36 - [VPN Log]: "HO_VPN" #1: sending notification INVALID_PAYLOAD_TYPE to PUBLIC_IP.145.18:500 Jan 6 22:44:56 - [VPN Log]: "HO_VPN" #1: message ignored because it contains an unknown or unexpected payload type (ISAKMP_NEXT_NAT-D) at the outermost level Jan 6 22:44:56 - [VPN Log]: "HO_VPN" #1: sending notification INVALID_PAYLOAD_TYPE to PUBLIC_IP.145.18:500 Any ideas most welcome, Ian
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide