[c-nsp] Problem with VPN between ASA and Bintec
Drewes, Bjoern
bjoern at verfriemelt.com
Tue Nov 18 02:31:22 EST 2014
Hi,
we are currently experiencing exact the same problems. Cisco ASA HA
Cluster of 2x 5540 (Active/Standby) with OS 9.1.(2) and a Bintec RS232j
FW Version 9.1 Rev 10 Patch2 but other firmwares are also affected.
The are currently 24 active SAs to other Cisco devices without any
problem.
We use RSA Certificates for phase1 isakmp. Did you also use RSA for
authentication or PSK?
In my troubleshooting and debugging i see that DPD is still working,
bintec sends his DPD request and the ASA answers it with correct
sequence # but no traffic will pass the tunnel.
My call at Bintec/Funkwerk/Teldat war rejected cause 3rd party vendor is
involved, now i try to open a cisco call via our smartnet. In the
meantime every hint is welcome...
Thanks,
Bjoern
More information about the cisco-nsp
mailing list