Hi Guys,
Firstly sorry if this problem has asked before.But could not found anywhere.I'm trying to S2S VPN for Cisco ASA.In log i see INVALID COOKIE.What does it mean for connection?I've been trying to solve this 2 days.Any help appreciated.
Regards
"
Jul 17 14:55:31 ssh_ike_connect: Start, remote_name = 1.1.1.1:500, xchg = 2, flags = 00090000
Jul 17 14:55:31 ike_init_isakmp_sa: Start, remote = 1.1.1.1:500, initiator = 1
Jul 17 14:55:31 ike_send_packet: Start, send SA = { c6d2d864 027c5e3f - 00000000 00000000}, nego = -1, dst = 1.1.1.1:500, routing table id = 0
Jul 17 14:55:31 ike_get_sa: Start, SA = { c6d2d864 027c5e3f - a03b47c8 5695f702 } / 00000000, remote = 1.1.1.1:500
Jul 17 14:55:31 ike_send_packet: Start, send SA = { c6d2d864 027c5e3f - a03b47c8 5695f702}, nego = -1, dst = 1.1.1.1:500, routing table id = 0
Jul 17 14:55:31 ike_get_sa: Start, SA = { c6d2d864 027c5e3f - a03b47c8 5695f702 } / 00000000, remote = 1.1.1.1:500
Jul 17 14:55:31 ike_find_pre_shared_key: Find pre shared key key for 2.2.2.2:500, id = ipv4(any:0,[0..3]=2.2.2.2) -> 1.1.1.1:500, id = No Id
Jul 17 14:55:31 ike_send_packet: Start, send SA = { c6d2d864 027c5e3f - a03b47c8 5695f702}, nego = -1, dst = 1.1.1.1:4500, routing table id = 0
Jul 17 14:55:31 ike_get_sa: Start, SA = { c6d2d864 027c5e3f - a03b47c8 5695f702 } / 00000000, remote = 1.1.1.1:4500
Jul 17 14:55:31 2.2.2.2:4500 (Initiator) <-> 1.1.1.1:4500 { c6d2d864 027c5e3f - a03b47c8 5695f702 [-1] / 0x00000000 } IP; MESSAGE: Phase 1 version = 1.0, auth_method = Pre shared keys, cipher = 3des-cbc, hash = md5, prf = hmac-md5, life = 0 kB / 86400 sec, key
Jul 17 14:55:31 iked_pm_ike_sa_done: local:2.2.2.2, remote:1.1.1.1 IKEv1
Jul 17 14:55:31 Construction NHTB payload for local:2.2.2.2, remote:1.1.1.1 IKEv1 P1 SA index 7280781 sa-cfg viva-prod-s2s-vpn
Jul 17 14:55:31 ike_send_packet: Start, send SA = { c6d2d864 027c5e3f - a03b47c8 5695f702}, nego = 0, dst = 1.1.1.1:4500, routing table id = 0
Jul 17 14:55:31 ike_send_packet: Start, send SA = { c6d2d864 027c5e3f - a03b47c8 5695f702}, nego = 1, dst = 1.1.1.1:4500, routing table id = 0
Jul 17 14:55:31 IKE SA delete called for p1 sa 7280781 (ref cnt 2) local:2.2.2.2, remote:1.1.1.1, IKEv1
Jul 17 14:55:32 ike_get_sa: Start, SA = { c6d2d864 027c5e3f - a03b47c8 5695f702 } / 85d8bc35, remote = 1.1.1.1:4500
Jul 17 14:55:32 ike_get_sa: Invalid cookie, no sa found, SA = { c6d2d864 027c5e3f - a03b47c8 5695f702 } / 85d8bc35, remote = 1.1.1.1:4500
Jul 17 14:55:32 unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = 1.1.1.1:4500
Jul 17 14:55:32 ike_get_sa: Start, SA = { c6d2d864 027c5e3f - a03b47c8 5695f702 } / 7453c9c4, remote = 1.1.1.1:4500
Jul 17 14:55:32 ike_get_sa: Invalid cookie, no sa found, SA = { c6d2d864 027c5e3f - a03b47c8 5695f702 } / 7453c9c4, remote = 1.1.1.1:4500
Jul 17 14:55:32 unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = 1.1.1.1:4500""