ASA S2S Tunnel Error

We are replacing a Linksys RV042 VPN endpoint with an ASA 5505 Security Plus appliance.

Having problems establishing one of our site-to-site VPN tunnels (unfortunately I do not know what the other device is, and all I can do for now is replicate the settings that were present for this tunnel on the ASA).

This is what I'm receiving:

      AAA retrieved default group policy (M-Tunnel) for user = Endpoint_IP
      Group = Endpoint_IP, IP = Endpoint_IP, PHASE 1 COMPLETED
      Group = Endpoint_IP, IP = Endpoint_IP, All IPSec SA proposals found unacceptable!
      Group = Endpoint_IP, IP = Endpoint_IP, QM FSM error (P2 struct &0xd5144720, mess id 0xf4ae87c3)!
      Group = Endpoint_IP, IP = Endpoint_IP, Removing peer from correlator table failed, no match!
      Group = Endpoint_IP, Username = Endpoint_IP, IP = Endpoint_IP, Session disconnected. Session Type: IKE, Duration: 0h:00m:00s, Bytes xmt: 0, Bytes rcv: 0, Reason: Phase 2 Mismatch
      Group = Endpoint_IP, IP = Endpoint_IP, Automatic NAT Detection Status: Remote end is NOT behind a NAT device This end is NOT behind a NAT device

*Endpoint_IP = WAN IP of Remote Gateway

I'm almost thinking I'm connecting to some sort of PPTP device not capable of IPSEC or not configured for IPSEC (Windows server?).

Any ideas; I'll hopefully find out tomorrow what I'm connecting to, but I'd like to get this solved ASAP.
TercestisiAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

TercestisiAuthor Commented:
What is strange was that the tunnel was up for some time (after we replaced the RV042 with the ASA, we confirmed the tunnel was up); when I checked back a few hours later, I noticed these events continually appearing in the syslog, and the tunnel not showing as up.
0
TercestisiAuthor Commented:
It is a PPTP tunnel and an ASA cannot be a PPTP server.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Erik BjersPrincipal Systems AdministratorCommented:
All IPSec SA proposals found unacceptable!

This is your problem. You need to find out what SA proposal the other device accepts and set them up on your Asa.

Eb
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Cisco

From novice to tech pro — start learning today.