[TriLUG] OpenBSD VPN doesn't initiate VPN to Cisco ASA

Neil L. Little nllittle at embarqmail.com
Wed Dec 9 12:11:58 EST 2009


I would also give a shot with the Cisco Support Forums
https://supportforums.cisco.com

They have helped me with issues involving cisco products before.

73,
Neil, WA4AZL


Ron Kelley wrote:
> Have you spoken to any Cisco guys about this?  I have a friend who is an ASA expert and could put you in touch with him if necessary...
>
> -Ron
>
>
>
> On Dec 8, 2009, at 10:21 PM, Chris Bullock wrote:
>
>   
>> We have many tunnels (about 50) and for some reason I just set up a tunnel with a Cisco ASA and we can not initiate the connection from the OpenBSD side.  If the Cisco side pings a device on the OpenBSD side the tunnel comes up.  On the Cisco side they have bidirectional enabled, and they are not seeing the OpenBSD try to initiate the tunnel.  Running tcpdump I have confirmed that we are not trying to connect.  I asked the openbsd guys and the only response is that for some reason the Cisco is sending a "DELETE SA" which forces my BSD box to drop the tunnel and not attempt to reconnect.  This is indeed the case.  Even though this is happening, I need this tunnel to stay up.  Anyone know of a way to force OpenBSD to bring up 1 tunnel or ever experienced this behavior.
>>
>>
>> Any help would be appreciated,
>> Regards,
>> Chris
>>
>>
>>
>> --
>> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
>> TriLUG FAQ  : http://www.trilug.org/wiki/Frequently_Asked_Questions
>>     
>
> Thanks,
>
> -Ron
> rkelleyrtp at gmail.com
>
> --
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG FAQ  : http://www.trilug.org/wiki/Frequently_Asked_Questions
>
>   



More information about the TriLUG mailing list