Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
517
Views
0
Helpful
1
Replies

Site to Site VPN with VPN Concentrators

ld2000
Level 1
Level 1

‎08-10-2003 03:23 PM - edited ‎02-21-2020 12:42 PM

I'm setting up a site to site, and have followed the instructions from the Cisco site. Phase I completes, and the other concentrator connects. Then Phase II repeats itself about 10 times and then disconnects. Each time the entire process lasts 24 seconds. Anyone have any ideas? Here is a copy of the log from the local concentrator:

3361 08/08/2003 14:14:12.770 SEV=4 IKE/41 RPT=112 156.111.224.180

IKE Initiator: New Phase 1, Intf 2, IKE Peer 156.111.224.180

local Proxy Address 10.29.68.0, remote Proxy Address 156.111.60.27,

SA (L2L: NY Pres)

3364 08/08/2003 14:14:13.220 SEV=4 IKE/119 RPT=103 156.111.224.180

Group [156.111.224.180]

PHASE 1 COMPLETED

3365 08/08/2003 14:14:13.220 SEV=4 AUTH/22 RPT=113

User 156.111.224.180 connected

3366 08/08/2003 14:14:18.200 SEV=4 IKE/41 RPT=113

IKE Initiator: New Phase 2, Intf 2, IKE Peer 156.111.224.180

local Proxy Address 10.29.68.0, remote Proxy Address 156.111.60.27,

SA (L2L: NY Pres)

3369 08/08/2003 14:14:23.200 SEV=4 IKE/41 RPT=114

IKE Initiator: New Phase 2, Intf 2, IKE Peer 156.111.224.180

local Proxy Address 10.29.68.0, remote Proxy Address 156.111.60.27,

SA (L2L: NY Pres)

3375 08/08/2003 14:14:33.210 SEV=4 IKE/41 RPT=116

IKE Initiator: New Phase 2, Intf 2, IKE Peer 156.111.224.180

local Proxy Address 10.29.68.0, remote Proxy Address 156.111.60.27,

SA (L2L: NY Pres)

3378 08/08/2003 14:14:37.220 SEV=4 IKEDBG/0 RPT=117

QM FSM error (P2 struct &0x1c344b4, mess id 0x1ed038f4)!

3379 08/08/2003 14:14:37.220 SEV=4 IKEDBG/0 RPT=118

QM FSM history (P2 struct &0x1c344b4):

[13, 52], [5, 38], [5, 65535], [2, 4]

3380 08/08/2003 14:14:38.210 SEV=4 IKE/41 RPT=117

IKE Initiator: New Phase 2, Intf 2, IKE Peer 156.111.224.180

local Proxy Address 10.29.68.0, remote Proxy Address 156.111.60.27,

SA (L2L: NY Pres)

3383 08/08/2003 14:14:42.200 SEV=4 IKEDBG/0 RPT=119

QM FSM error (P2 struct &0x1c30d0c, mess id 0xee1f3aa9)!

3384 08/08/2003 14:14:42.200 SEV=4 IKEDBG/0 RPT=120

QM FSM history (P2 struct &0x1c30d0c):

[13, 52], [5, 38], [5, 65535], [2, 4]

3436 08/08/2003 14:15:42.260 SEV=4 IKEDBG/0 RPT=144

QM FSM history (P2 struct &0x1c36b3c):

[13, 52], [5, 38], [5, 65535], [2, 4]

3437 08/08/2003 14:15:47.260 SEV=4 IKEDBG/0 RPT=145

QM FSM error (P2 struct &0x1c34290, mess id 0xb1943a5a)!

3438 08/08/2003 14:15:47.260 SEV=4 IKEDBG/0 RPT=146

QM FSM history (P2 struct &0x1c34290):

[13, 52], [5, 38], [5, 65535], [2, 4]

3439 08/08/2003 14:15:47.260 SEV=4 AUTH/23 RPT=46 156.111.224.180

User 156.111.224.180 disconnected: duration: 0:01:34

This one lasted longer than normal because I had a constant ping initiated on my side to a host on the remote side. Thanks in advance for any insight.

Labels:
0 Helpful
1 Reply 1

jsivulka
Level 5
Level 5

‎08-14-2003 11:43 AM

QM FSM stands for Quick Mode Finite State Machine. The encryption process consists of as a number of "finite state machines" where each FSM accepts input from the previous FSM. The error encountered could be due to a number of reasons and the error message by itself doesn't shed much light on the likely cause. I would suggest rechecking your configuration and looking out for bugs associated with your software.

0 Helpful
Customers Also Viewed These Support Documents