
Tunnel 4 isn't coming up automatically

olohelpdesk
Level 1

The problem is with the 4th tunnel: it doesn't come up automatically. Only when people are working at the other side will the tunnel initiate. After 36 hours it falls out and I get this problem with it. The strange thing is that the type and the hash are wrong. I checked the configuration on both ends, but everything is the same as the other tunnels.

The log files say:

%ASA-4-713903:descriptive_event_string.

A warning appears, which may be the result of unexpected behavior of a peer (such as a loss of a connectivity). For example

and

%ASA-3-713902:descriptive_event_string.

An error has occurred, which may be the result of a configuration error either on the headend or remote access client.

The IOS I'm running is 8.05 and I'm using an ASA5510 on the main site and an ASA5505 on the other site.

1   IKE Peer: 80.xxx.xxx.58
    Type    : L2L             Role    : responder
    Rekey   : no              State   : MM_ACTIVE
    Encrypt : aes-256         Hash    : MD5
    Auth    : preshared       Lifetime: 0
2   IKE Peer: 81.xxx.xxx.192
    Type    : L2L             Role    : responder
    Rekey   : no              State   : MM_ACTIVE
    Encrypt : aes-256         Hash    : MD5
    Auth    : preshared       Lifetime: 0
3   IKE Peer: 80.xxx.xxx.17
    Type    : L2L             Role    : responder
    Rekey   : no              State   : MM_ACTIVE
    Encrypt : aes-256         Hash    : MD5
    Auth    : preshared       Lifetime: 0
4   IKE Peer: 83.xxx.xxx.164
    Type    : user            Role    : initiator
    Rekey   : no              State   : MM_WAIT_MSG2
    Encrypt : aes-256         Hash    : SHA
    Auth    : preshared       Lifetime: 0

Hopefully somebody can help me so this issue gets solved.
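A check for the symptom described in the post above, as an added example that is not part of the original thread: it parses an IKE SA listing in the layout pasted in the post and flags any SA that is not in MM_ACTIVE or whose Type, Hash, Encrypt or Auth value differs from the majority of peers. The function names and the sample peer addresses are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample in the post's layout; peers are documentation-range placeholders.
SAMPLE = """\
1   IKE Peer: 192.0.2.58
    Type    : L2L             Role    : responder
    Rekey   : no              State   : MM_ACTIVE
    Encrypt : aes-256         Hash    : MD5
    Auth    : preshared       Lifetime: 0
2   IKE Peer: 198.51.100.17
    Type    : L2L             Role    : responder
    Rekey   : no              State   : MM_ACTIVE
    Encrypt : aes-256         Hash    : MD5
    Auth    : preshared       Lifetime: 0
3   IKE Peer: 203.0.113.164
    Type    : user            Role    : initiator
    Rekey   : no              State   : MM_WAIT_MSG2
    Encrypt : aes-256         Hash    : SHA
    Auth    : preshared       Lifetime: 0
"""

PEER_RE = re.compile(r"^\s*(\d+)\s+IKE Peer:\s*(\S+)")
FIELD_RE = re.compile(r"(\w+)\s*:\s*(\S+)")

def parse_sas(text):
    """Return one dict per IKE SA, keyed by the field names in the output."""
    sas = []
    for line in text.splitlines():
        m = PEER_RE.match(line)
        if m:
            sas.append({"Index": int(m.group(1)), "Peer": m.group(2)})
        elif sas:
            sas[-1].update(FIELD_RE.findall(line))  # two "name : value" pairs per line
    return sas

def find_outliers(sas, fields=("Type", "Hash", "Encrypt", "Auth")):
    """Flag SAs that are not MM_ACTIVE or differ from the majority value."""
    majority = {f: Counter(sa.get(f) for sa in sas).most_common(1)[0][0]
                for f in fields}
    report = {}
    for sa in sas:
        issues = [] if sa.get("State") == "MM_ACTIVE" else [f"State={sa.get('State')}"]
        issues += [f"{f}={sa.get(f)} (others use {majority[f]})"
                   for f in fields if sa.get(f) != majority[f]]
        if issues:
            report[sa["Peer"]] = issues
    return report
```
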

2 Replies

Hi,

What do you mean, the tunnel does not come up automatically, only when initiated?

The tunnel only establishes when there's interesting traffic passing through... this means either a user sending packets through the tunnel intentionally or any packet from any application that triggers the tunnel negotiation and establishment.

If a user sends data and establishes the tunnel, then there are no mismatches.

Federico.

In total we have 5 active tunnels, which all come up. Only when the ADSL does a reset every 36 hours, 2 keep working and the other ones won't connect again, and I get this message. I want them all to come up again. The lifetime is set to 0 on all ASAs.