before adding encryption it is a good idea to test basic routing so you will 
know where to troubleshooting if needed.

Best Regards,
 
- Joshua R. Walton
  Senior Network Engineer 
  CCNP, CCSP, CCVP, INFOSEC


Subject: RE: [OSL | CCIE_Security] CCIE_Security Digest, Vol 18, Issue 13Date: 
Sat, 29 Dec 2007 17:34:25 -0800From: [EMAIL PROTECTED]: [EMAIL PROTECTED]; 
[email protected]



SSH is not working. Seeing the following message in output.
 
R1#ssh -l ipexpert 10.5.5.55
 
*Dec 30 01:06:41.675: %CRYPTO-6-IKMP_MODE_FAILURE: Processing of Informational 
mode failed with peer at 10.5.5.55R1#R1#
R1#ssh -l ipexpert 192.1.49.55
 
R1#
 
First of all, why R1 is not pinging ASA1? Secondly, If R1 is able to ping ASA2 
then why ssh connection did not establish (as seen in the above output)?
 
Attaching sh crypto output and pings from R1 suggesting that peer relationship 
with both ASAs is established but still tunnel is not formed.
 
Appreciate any help.
-Anshul


From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Joshua 
WaltonSent: Saturday, December 29, 2007 10:21 AMTo: [EMAIL PROTECTED]: Re: [OSL 
| CCIE_Security] CCIE_Security Digest, Vol 18, Issue 13
verify by SSH'ing to ASA1 and ASA2 from R1 R1# ssh -l ipexpert 192.1.49.55   
R1# ssh -l ipexpert 10.5.5.55

Best Regards,
 
- Joshua R. Walton
  Senior Network Engineer 
  CCNP, CCSP, CCVP, INFOSEC> From: [EMAIL PROTECTED]> Subject: CCIE_Security 
Digest, Vol 18, Issue 13> To: [email protected]> Date: Sat, 29 
Dec 2007 12:00:03 -0500> > Send CCIE_Security mailing list submissions to> 
[email protected]> > To subscribe or unsubscribe via the World 
Wide Web, visit> http://onlinestudylist.com/mailman/listinfo/ccie_security> or, 
via email, send a message with subject or body 'help' to> [EMAIL PROTECTED]> > 
You can reach the person managing the list at> [EMAIL PROTECTED]> > When 
replying, please edit your Subject line so it is more specific> than "Re: 
Contents of CCIE_Security digest..."> > > Today's Topics:> > 1. Section 15 Task 
7.6 (a): Management VPN (Anshul Arora (akarora))> > > 
----------------------------------------------------------------------> > 
Message: 1> Date: Fri, 28 Dec 2007 20:22:21 -0800> From: "Anshul Arora 
(akarora)" <[EMAIL PROTECTED]>> Subject: [OSL | CCIE_Security] Section 15 Task 
7.6 (a): Management VPN> To: <[email protected]>> Message-ID:> 
<[EMAIL PROTECTED]>> Content-Type: text/plain; charset="us-ascii"> > Hi All,> > 
I've R1 and ASA1 configured for secured communication through IPsec> tunnel. 
The basic problem is that ASA1 can't ping R1 public IP> 192.1.12.15 and visa 
versa. Although R4 can ping R1.> Where do I enable ping from ASA1 to R1 so as 
to bring up the tunnel?> > The same setup is working for R1 and ASA2 tunnel 
communication (Task b)> verifying that configuration on R1 and ASA is 
configured correctly.> > Attaching R1, R4 and ASA2 configs.> > Appreciate any 
input.> -Anshul> > -------------- next part --------------> An HTML attachment 
was scrubbed...> URL: 
http://onlinestudylist.com/pipermail/ccie_security/attachments/20071228/63c485b9/attachment-0001.html>
 -------------- next part --------------> An embedded and charset-unspecified 
text was scrubbed...> Name: ASA1.txt> Url: 
http://onlinestudylist.com/pipermail/ccie_security/attachments/20071228/63c485b9/ASA1-0001.txt>
 -------------- next part --------------> An embedded and charset-unspecified 
text was scrubbed...> Name: R1.txt> Url: 
http://onlinestudylist.com/pipermail/ccie_security/attachments/20071228/63c485b9/R1-0001.txt>
 -------------- next part --------------> An embedded and charset-unspecified 
text was scrubbed...> Name: R4.txt> Url: 
http://onlinestudylist.com/pipermail/ccie_security/attachments/20071228/63c485b9/R4-0001.txt>
 > End of CCIE_Security Digest, Vol 18, Issue 13> 
*********************************************

Reply via email to