Solved

UC520 VPN Problems

Posted on 2009-05-04
2
562 Views
Last Modified: 2012-05-06
I have a cisco uc520 and 871 that i use to connect to. When i add the remote connection to the 871 and test i get the tunnel status as down. From the uc520 if i type show crypto isakmp sa it shows the remote ip and the state is AG_INIT_EXCH. Im not very expierenced in debuggin this. I tried creating a new vpn pool and that didnt work either. I assume that the firewall would add any rules automatically since its hosting.  Would i need to add nat rules? how could i debug this further. The 871 gives me nothing.
0
Comment
Question by:v46n
2 Comments
 
LVL 33

Expert Comment

by:MikeKane
ID: 24432394
From what I could gather from the description, it sounds like the firewall side does not have a complete config.    Your assumption is not correct, the firewalls will not automatically update any rules, that would be a huge security hole.     Are you the firewall admin?   Can you provide the debug logs showing the connection attempt?
0
 
LVL 2

Accepted Solution

by:
v46n earned 0 total points
ID: 24433221
i contacted cisco tac and the vpn is resetup and tunnel works now. there was a problem on the host side.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco ISE or Windows NPS for RADIUS and 802.1x 2 79
adjusting startup config 6 55
NTP configuration on Cisco switch 3 36
X.509 Cert Upload to Cisco WAP 6 12
I recently updated from an old PIX platform to the new ASA platform.  While upgrading, I was tremendously confused about how the VPN and AnyConnect licensing works.  It turns out that the ASA has 3 different VPN licensing schemes. "site-to-site" …
This article will cover setting up redundant ISPs for outbound connectivity on an ASA 5510 (although the same should work on the 5520s and up as well).  It’s important to note that this covers outbound connectivity only.  The ASA does not have built…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question