Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

Ikev2 site to site vpn between pa and cisco asa

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Ikev2 site to site vpn between pa and cisco asa

L1 Bithead

temporary security measures for all users.


msdphi
Messages
Notifications

(English) USA
Get Started
Discussions
Blogs
Articles
Products
Tools
Education Services
Member Recognition
Podcasts
Customer
Partner
Employee
ikev2 site to site VPN between PA and ASA
Search this content
Panorama D
ikev2 site to site VPN between PA

Hi All,

 

I have a site to site VPN configured to client's ASA.

 

The VPN stays stable until the phase 2 lifetime expires and then never comes up until interesting traffic is generated from client(ASA) side. If i generate traffic from the pa side, the tunnel doesn't come up.

On checking the PA logs, I see a couple of errors "IKE protocol notification message received: received notify type NON_FIRST_FRAGMENTS_ALSO" and "IKE protocol notification message received: received notify type ESP_TFC_PADDING_NOT_SUPPORTED' )".

 

All the parameters on both sides are the same. Please help me. Need your advice here.

0 REPLIES 0
  • 31 Views
  • 0 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!