• Status: Solved

Cisco and Draytek VPN Problem

I am configuring a Cisco router to a Draytek.

The VPN tunnel comes up and I can start Remote Desktop sessions from the site with the Draytek to the site with the Cisco.

But I cannot do the same thing the other way - i.e. I cannot open Remote Desktop sessions the other way.

In the Cisco log is the following code when I try to connect from the Cisco site to the Draytek site.

Any ideas what this is and how I can solve the issue?

IPSEC: Received an ESP packet (SPI= 0x79D1D28E, sequence number= 0x1) from (user= to The decapsulated inner packet doesn't match the negotiated policy in the SA. The packet specifies its destination as, its source as, and its protocol as 2. The SA specifies its local proxy as Thetford_LAN/ and its remote_proxy as Bury_LAN/
1 Solution
Kamran Arshad (IT Associate) Commented:

Such errors crop up when there is a mismatch in the ACLs. Please confirm that you use the same subnets both sides.
Mawallace (Author) Commented:
I have - the problem it seems was down to MTU size on the Draytek. I changed this to 1300 which was the figure on the Cisco and it all works fine!
Mawallace (Author) Commented:
I in fact answered the question myself! If you see it was down to the MTU settings on the Draytek.
Mawallace (Author) Commented:
My solution worked!
Question has a verified solution.
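
Added example, not part of the thread or of either vendor's code: a Python sketch of the check the log message describes, where a decapsulated inbound packet must fall inside the SA's proxy identities, plus a test that two peers' selectors mirror each other. The subnets, the `SA` class and the function names are assumptions made for illustration; the thread does not show the real addresses.

```python
import ipaddress
from dataclasses import dataclass

ANY_PROTO = 0  # this sketch's marker for "any IP protocol" (an `ip` ACL entry)

@dataclass(frozen=True)
class SA:
    """Proxy identities (traffic selectors) negotiated for one IPsec SA."""
    local_proxy: ipaddress.IPv4Network
    remote_proxy: ipaddress.IPv4Network
    protocol: int = ANY_PROTO

def check_inbound(sa, src, dst, proto):
    """Return the reasons a decapsulated inbound packet violates the SA.

    An empty list means the packet matches the negotiated policy.
    """
    reasons = []
    if ipaddress.ip_address(src) not in sa.remote_proxy:
        reasons.append(f"source {src} outside remote proxy {sa.remote_proxy}")
    if ipaddress.ip_address(dst) not in sa.local_proxy:
        reasons.append(f"destination {dst} outside local proxy {sa.local_proxy}")
    if sa.protocol != ANY_PROTO and proto != sa.protocol:
        reasons.append(f"protocol {proto} does not match selector {sa.protocol}")
    return reasons

def mirrored(a, b):
    """True when peer b's selectors are the exact mirror of peer a's."""
    return (a.local_proxy == b.remote_proxy
            and a.remote_proxy == b.local_proxy
            and a.protocol == b.protocol)

# Constructed placeholder subnets; the real ones are not shown in the thread.
THETFORD_LAN = ipaddress.ip_network("192.168.10.0/24")
BURY_LAN = ipaddress.ip_network("192.168.20.0/24")

cisco_sa = SA(local_proxy=THETFORD_LAN, remote_proxy=BURY_LAN)
draytek_ok = SA(local_proxy=BURY_LAN, remote_proxy=THETFORD_LAN)
draytek_wide = SA(local_proxy=ipaddress.ip_network("192.168.0.0/16"),
                  remote_proxy=THETFORD_LAN)

if __name__ == "__main__":
    # TCP (protocol 6) between the two LANs: accepted.
    print(check_inbound(cisco_sa, "192.168.20.5", "192.168.10.7", 6))
    # Protocol 2 (IGMP) to a multicast group: destination is outside the local proxy.
    print(check_inbound(cisco_sa, "192.168.20.1", "224.0.0.1", 2))
    print(mirrored(cisco_sa, draytek_ok), mirrored(cisco_sa, draytek_wide))
```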
