cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
3608
Views
0
Helpful
0
Replies

Trouble with Cisco AnyConnect ikev2 - Unknown Received a IKE_INIT_SA request

Mohamed Hamid
Level 1
Level 1

Hi Guys

I am trying to configure Cisco AnyConnect 3.1.04.074 on a Mac OS X 10.8.5 with a ASA 5525x running 9.1.3 to work by esatablishing a IPsec VPN tunnel over Cisco Anyconnect.

I have configured a local  PKI and installed the appropiate certificates on the client machine to ensure that all devices trust each other. The SSL based VPN is working fine however when I attempt the IPsec connection I see the following error in the asa logs.

I have followed the documentation located here,

https://supportforums.cisco.com/docs/DOC-18960

and here

http://www.cisco.com/en/US/products/ps10884/products_tech_note09186a0080bd8106.shtml

4|Nov 25 2013|15:25:13|750003|||||Local:x.x.x.x:4500 Remote:x.x.x.x59782 Username:Unknown Negotiation aborted due to ERROR: Auth exchange failed

3|Nov 25 2013|15:25:13|751011|||||Local:x.x.x.x:4500 Remote:x.x.x.x59782 Username:Unknown Failed user authentication. Error: General Failure

6|Nov 25 2013|15:25:11|302015|x.x.x.x59782|x.x.x.x|4500|Built inbound UDP connection 15618 for dmzData:x.x.x.x/59782 (x.x.x.x/59782) to identity:x.x.x.x/4500 (x.x.x.x/4500)

5|Nov 25 2013|15:25:11|750002|||||Local:x.x.x.x:500 Remote:x.x.x.x:49406 Username:Unknown Received a IKE_INIT_SA request

4|Nov 25 2013|15:25:11|750003|||||Local:x.x.x.x:500 Remote:x.x.x.x:49406 Username:Unknown Negotiation aborted due to ERROR: The peer's KE payload contained the wrong DH group

5|Nov 25 2013|15:25:11|750002|||||Local:x.x.x.x:500 Remote:x.x.x.x:49406 Username:Unknown Received a IKE_INIT_SA request

6|Nov 25 2013|15:25:11|302015|x.x.x.x|49406|x.x.x.x|500|Built inbound UDP connection 15617 for dmzData:x.x.x.x/49406 (x.x.x.x/49406) to identity:x.x.x.x/500 (x.x.x.x/500)

Any Help is much appreciated.

0 Replies 0