freejaso
asked on
Log error Cisco Pix 506E - (identity doesn't match negotiated identity)
I am seeing the follow error in my firewall logs and cannot figure out the solution:
12.108.44.10 [local4.warning] %PIX-4-402103: identity doesn't match negotiated identity (ip) dest_addr= 12.108.44.10, src_addr= 65.191.170.2, prot= icmp, (ident) local=12.108.44.10, remote=65.191.170.2, local proxy=192.168.3.5/255.255. 255.255/0/ 0, remote_proxy=10.31.240.194 /255.255.2 55.255/0/0
Configuration in firewall is set as:
access-list nonat permit ip 192.168.3.0 255.255.255.0 host 10.31.240.194
access-list george permit icmp host 192.168.3.5 host 10.31.240.194
access-list george permit ip host 192.168.3.5 host 10.31.240.194
12.108.44.10 [local4.warning] %PIX-4-402103: identity doesn't match negotiated identity (ip) dest_addr= 12.108.44.10, src_addr= 65.191.170.2, prot= icmp, (ident) local=12.108.44.10, remote=65.191.170.2, local proxy=192.168.3.5/255.255.
Configuration in firewall is set as:
access-list nonat permit ip 192.168.3.0 255.255.255.0 host 10.31.240.194
access-list george permit icmp host 192.168.3.5 host 10.31.240.194
access-list george permit ip host 192.168.3.5 host 10.31.240.194
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.