Velocity Reviews

Velocity Reviews (http://www.velocityreviews.com/forums/index.php)
-   Cisco (http://www.velocityreviews.com/forums/f27-cisco.html)
-   -   c1841: Connection-id:Engine-id = 0:0(unknown) (http://www.velocityreviews.com/forums/t299771-c1841-connection-id-engine-id-0-0-unknown.html)

Stefan 06-16-2006 11:05 AM

c1841: Connection-id:Engine-id = 0:0(unknown)
 
e try to setup an ipsec vpn tunnel between two cisco routers
(Site-A 192.168.123.2 and Site-B 192.168.36.250). Until today
I would like to say that we're familiar with setting up vpn and
managing cisco routers (for our purposes) but there is something
new at Site-B with the c1841.

Both sides are vpn configured in old fashioned way starting
isakmp phase1 negotiation but don't reach the QM_IDLE state.

The output of "sh crypto isakmp sa detail" shows at Site-A
"Connection-id:Engine-id = 103:2(hardware)" but at Site-B
"Connection-id:Engine-id = 0:0(unknown) (deleted)".

Should the connection-id:engine-id not be automaticaly assigned?
We disabled aim (no crypto engine accelerator) to see software
engine but it stays unkown.

What we're missing?


Cisco 3745 at Site-A
--------------------

c3745-advipservicesk9-mz.123-11.T2.bin

Cisco 3745 (R7000) processor (revision 2.0) with 249856K/12288K bytes of
memory.
Processor board ID JHY0853K26K
R7000 CPU at 350MHz, Implementation 39, Rev 3.3, 256KB L2, 2048KB L3 Cache
2 FastEthernet interfaces
1 Serial interface
14 terminal lines
1 Channelized E1/PRI port
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity disabled.
151K bytes of NVRAM.
62720K bytes of ATA System CompactFlash (Read/Write)

Configuration register is 0x2102


Codes: C - IKE configuration mode, D - Dead Peer Detection
K - Keepalives, N - NAT-traversal
X - IKE Extended Authentication
psk - Preshared key, rsig - RSA signature
renc - RSA encryption

C-id Local Remote I-VRF Status Encr Hash Auth DH
Lifetime Cap.
103 192.168.123.2 192.168.36.250 ACTIVE des sha psk 1 0
Connection-id:Engine-id = 103:2(hardware)
16 192.168.123.2 192.168.28.2 ACTIVE des sha psk 1
06:29:28
Connection-id:Engine-id = 16:2(hardware)



Cisco 1841 at Site-B
--------------------
c1841-advipservicesk9-mz.124-3b.bin

Cisco 1841 (revision 6.0) with 236544K/25600K bytes of memory.
Processor board ID FCZ100511X4
2 FastEthernet interfaces
2 Virtual Private Network (VPN) Modules
DRAM configuration is 64 bits wide with parity disabled.
191K bytes of NVRAM.
62592K bytes of ATA CompactFlash (Read/Write)

Configuration register is 0x2102


Codes: C - IKE configuration mode, D - Dead Peer Detection
K - Keepalives, N - NAT-traversal
X - IKE Extended Authentication
psk - Preshared key, rsig - RSA signature
renc - RSA encryption

C-id Local Remote I-VRF Status Encr Hash Auth DH
Lifetime Cap.
0 192.168.36.250 192.168.123.2 ACTIVE 0 0
Connection-id:Engine-id = 0:0(unknown) (deleted)



router#sh crypto engine configuration


crypto engine name: Virtual Private Network (VPN) Module
crypto engine type: hardware
State: Enabled
Location: aim 0
VPN Module in slot: 0
Product Name: AIM-VPN/BPII-PLUS
Software Serial #: 55AA
Device ID: 001E - revision 0000
Vendor ID: 13A3
Revision No: 0x001E0000
VSK revision: 0
Boot version: 255
DPU version: 0
HSP version: 2.3(22) (ALPHA)
Time running: 1w6d
Compression: Yes
DES: Yes
3 DES: Yes
AES CBC: Yes (128,192,256)
AES CNTR: No
Maximum buffer length: 4096
Maximum DH index: 1000
Maximum SA index: 1000
Maximum Flow index: 2000
Maximum RSA key size: 2048

crypto engine name: Virtual Private Network (VPN) Module
crypto engine type: hardware
State: Disabled
Location: onboard 0
HW Version: 1.0
Compression: Yes
DES: Yes
3 DES: Yes
AES CBC: Yes (128,192,256)
AES CNTR: No
Maximum buffer length: 4096
Maximum DH index: 0150
Maximum SA index: 0150
Maximum Flow index: 0300
Maximum RSA key size: 0000

crypto lib version: 19.0.0

crypto engine in slot: 0
platform: VPN hardware accelerator

Crypto Adjacency Counts:
Lock Count: 0
Unlock Count: 0
crypto lib version: 19.0.0






All times are GMT. The time now is 11:41 PM.

Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.