Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
252
Views
0
Helpful
1
Replies

VPN between Router 1800 and ASA

mohamed.fawzy2012
Level 1
Level 1

‎01-10-2017 05:56 AM

i have problem between in vpn between cisco router and firewall ASA   the tunnel is up between them but there is no traffic passing as i am trying to ping any server from Site_A(Router) to Site_B(ASA) and give request timeout and also be noted that ASA is behind router

i have also some logs appeared to me

%CRYPTO-4-IKMP_NO_SA : IKE message from [IP_address] has no SA and is not an initialization offer

%CRYPTO-4-RECVD_PKT_INV_SPI: decaps: rec'd
IPSEC packet has invalid spi for destaddr=207.15.205.15, prot=50,
spi=0x681E0955(1746798933), srcaddr=4.2.97.15.

 

Labels:
0 Helpful
1 Reply 1

fsebera
Level 4
Level 4

‎01-10-2017 06:53 AM

If you add the optional keepalive parameter to your tunnel (Router, firewall or both) you will most likely see the tunnels drop; indicating there is a configuration problem.

Consider pasting your sanatised configuration so other folks can take a look see and offer assistance.

Thanks

Frank

0 Helpful
Customers Also Viewed These Support Documents