NANOZ
asked on
Cisco ASA VPN Issue
I'm not an expert in cisco ASA I hope someone can help. I have a vpn connection that was working up until yesterday. I got contacted that there is no connection. I logged into ASDM version 6.3, when i checked under Monitoring\ VPN\Site to Site I did not find that vpn to bounce it. but under configuration \ Site to site VPN the peer Ip info is listed there. what do I need to do to re-establish connection?
thank you
thank you
ASKER
Yes, I ran the command and I see three other peers and the one I need is not one of them. Example:
1 IKE Peer: B.B.B.B Type : L2L Role : initiator Rekey : no State : MM_ACTIVE
2 IKE Peer: B.B.B.B Type : L2L Role : responder Rekey : no State : MM_ACTIVE
3 IKE Peer: A.A.A.A Type : L2L Role : responder Rekey : no State : AM_ACTIVE
The one I need is configured under Site to Site connection profiles though.
1 IKE Peer: B.B.B.B Type : L2L Role : initiator Rekey : no State : MM_ACTIVE
2 IKE Peer: B.B.B.B Type : L2L Role : responder Rekey : no State : MM_ACTIVE
3 IKE Peer: A.A.A.A Type : L2L Role : responder Rekey : no State : AM_ACTIVE
The one I need is configured under Site to Site connection profiles though.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Well, no but I got a hold of their IT guy, and after some troubleshooting, we found out that the other end is not allowing isakmp to use UDP port 500.
61: 12:07:25.514896 802.1Q vlan#4 P0 A.A.A.A > B.B.B.B.500: udp 316
62: 12:07:25.568482 802.1Q vlan#4 P2 B.B.B.B > A.A.A.A: icmp: B.B.B.B udp port 500 unreachable
Issue is resolved, Thank you for your help.
61: 12:07:25.514896 802.1Q vlan#4 P0 A.A.A.A > B.B.B.B.500: udp 316
62: 12:07:25.568482 802.1Q vlan#4 P2 B.B.B.B > A.A.A.A: icmp: B.B.B.B udp port 500 unreachable
Issue is resolved, Thank you for your help.
#sh cry isa sa