Firewall Wizards mailing list archives

Re: Cisco ASA IKE Initiator unable to find policy

From: "Lord Sporkton" <lordsporkton () gmail com>
Date: Wed, 26 Nov 2008 09:49:09 -0800

Is there anything special about these site to site tunnels? Aggressive
mode? or anything like that?

Do you have any further debug messages?

Lawrence


2008/11/12 Jens Brey <jens () chaos-co de>:

Dear all,

i have the following problem. I have a ASA 5520 running 8.0.4. After some
time, i see the following problem. Some of the Site-to-Site VPN tunnels
terminated on the device doesn't pass any traffic anymore, but the VPN
tunnel itself is still up.

It looks like the cryptomap looses the assignment to the ACL policy and so,
i see the following messages in the Cisco log:

"IKE Initiator unable to find policy"

I saw this behaviour also under 8.0.3.

Somebody a idea?

Regards,
Jens
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards




-- 
-Lawrence
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Cisco ASA IKE Initiator unable to find policy Jens Brey (Nov 26)
- Re: Cisco ASA IKE Initiator unable to find policy Darden, Patrick S. (Nov 26)
- Re: Cisco ASA IKE Initiator unable to find policy Dave Love (Nov 26)
- Re: Cisco ASA IKE Initiator unable to find policy Lord Sporkton (Nov 26)