Solved

ASA ezvpn

Posted on 2011-03-05
4
3,657 Views
Last Modified: 2013-05-17
I have an ASA 5505 8.4.1 (branch office) connecting to a ASA 5510 8.0.5 (corporate).  I used the ezvpn option to set up my VPN.  Everything seems to be working.  I can get to all of the desired networks on the corporate network, and I can see everything on the branch side from corp.   I checked all of the networks/hosts defined and I can reach them all.

My problem is that the syslog is continuously filling up with the following events.   Can anyone help me figure out why this is happening?

-----------------------

752015|||||Tunnel Manager has failed to establish an L2L SA.  All configured IKE versions failed to establish the tunnel. Map Tag= _vpnc_cm.  Map Sequence Number = 10.

752012|||||IKEv1 was unsuccessful at setting up a tunnel.  Map Tag = _vpnc_cm.  Map Sequence Number = 10.

752004|||||Tunnel Manager dispatching a KEY_ACQUIRE message to IKEv1.  Map Tag = _vpnc_cm.  Map Sequence Number = 10.

752010|||||IKEv2 Doesn't have a proposal specified
0
Comment
Question by:sysaminattz
4 Comments
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35044650
Looks like there is something amiss in the config(s) regarding the key exchange. Could you post sanitized configurations of the ASA's so we can have a look at what might be wrong?
0
 

Accepted Solution

by:
sysaminattz earned 0 total points
ID: 35058498
I found a solution that works for me.  I removed the auto connect option in the EZ Vpn configuration.

no vpnclient nem-st-autoconnect

The events are no longer filling up the syslog.  The tunnels are still up and everything is working as expected.  I think this is some kind of bug because the issue was never about the ability to successfully bring up the tunnel.
0
 
LVL 68

Expert Comment

by:Qlemo
ID: 35308515
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
I've written this article to illustrate how we can implement a Dynamic Multipoint VPN (DMVPN) with both hub and spokes having a dynamically assigned non-broadcast multiple-access (NBMA) network IP (public IP). Here is the basic setup of DMVPN Pha…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now