c1841: Connection-id:Engine-id = 0:0(unknown)

Discussion in 'Cisco' started by Stefan, Jun 16, 2006.

  1. Stefan

    Stefan Guest

    e try to setup an ipsec vpn tunnel between two cisco routers
    (Site-A 192.168.123.2 and Site-B 192.168.36.250). Until today
    I would like to say that we're familiar with setting up vpn and
    managing cisco routers (for our purposes) but there is something
    new at Site-B with the c1841.

    Both sides are vpn configured in old fashioned way starting
    isakmp phase1 negotiation but don't reach the QM_IDLE state.

    The output of "sh crypto isakmp sa detail" shows at Site-A
    "Connection-id:Engine-id = 103:2(hardware)" but at Site-B
    "Connection-id:Engine-id = 0:0(unknown) (deleted)".

    Should the connection-id:engine-id not be automaticaly assigned?
    We disabled aim (no crypto engine accelerator) to see software
    engine but it stays unkown.

    What we're missing?


    Cisco 3745 at Site-A
    --------------------

    c3745-advipservicesk9-mz.123-11.T2.bin

    Cisco 3745 (R7000) processor (revision 2.0) with 249856K/12288K bytes of
    memory.
    Processor board ID JHY0853K26K
    R7000 CPU at 350MHz, Implementation 39, Rev 3.3, 256KB L2, 2048KB L3 Cache
    2 FastEthernet interfaces
    1 Serial interface
    14 terminal lines
    1 Channelized E1/PRI port
    1 Virtual Private Network (VPN) Module
    DRAM configuration is 64 bits wide with parity disabled.
    151K bytes of NVRAM.
    62720K bytes of ATA System CompactFlash (Read/Write)

    Configuration register is 0x2102


    Codes: C - IKE configuration mode, D - Dead Peer Detection
    K - Keepalives, N - NAT-traversal
    X - IKE Extended Authentication
    psk - Preshared key, rsig - RSA signature
    renc - RSA encryption

    C-id Local Remote I-VRF Status Encr Hash Auth DH
    Lifetime Cap.
    103 192.168.123.2 192.168.36.250 ACTIVE des sha psk 1 0
    Connection-id:Engine-id = 103:2(hardware)
    16 192.168.123.2 192.168.28.2 ACTIVE des sha psk 1
    06:29:28
    Connection-id:Engine-id = 16:2(hardware)



    Cisco 1841 at Site-B
    --------------------
    c1841-advipservicesk9-mz.124-3b.bin

    Cisco 1841 (revision 6.0) with 236544K/25600K bytes of memory.
    Processor board ID FCZ100511X4
    2 FastEthernet interfaces
    2 Virtual Private Network (VPN) Modules
    DRAM configuration is 64 bits wide with parity disabled.
    191K bytes of NVRAM.
    62592K bytes of ATA CompactFlash (Read/Write)

    Configuration register is 0x2102


    Codes: C - IKE configuration mode, D - Dead Peer Detection
    K - Keepalives, N - NAT-traversal
    X - IKE Extended Authentication
    psk - Preshared key, rsig - RSA signature
    renc - RSA encryption

    C-id Local Remote I-VRF Status Encr Hash Auth DH
    Lifetime Cap.
    0 192.168.36.250 192.168.123.2 ACTIVE 0 0
    Connection-id:Engine-id = 0:0(unknown) (deleted)



    router#sh crypto engine configuration


    crypto engine name: Virtual Private Network (VPN) Module
    crypto engine type: hardware
    State: Enabled
    Location: aim 0
    VPN Module in slot: 0
    Product Name: AIM-VPN/BPII-PLUS
    Software Serial #: 55AA
    Device ID: 001E - revision 0000
    Vendor ID: 13A3
    Revision No: 0x001E0000
    VSK revision: 0
    Boot version: 255
    DPU version: 0
    HSP version: 2.3(22) (ALPHA)
    Time running: 1w6d
    Compression: Yes
    DES: Yes
    3 DES: Yes
    AES CBC: Yes (128,192,256)
    AES CNTR: No
    Maximum buffer length: 4096
    Maximum DH index: 1000
    Maximum SA index: 1000
    Maximum Flow index: 2000
    Maximum RSA key size: 2048

    crypto engine name: Virtual Private Network (VPN) Module
    crypto engine type: hardware
    State: Disabled
    Location: onboard 0
    HW Version: 1.0
    Compression: Yes
    DES: Yes
    3 DES: Yes
    AES CBC: Yes (128,192,256)
    AES CNTR: No
    Maximum buffer length: 4096
    Maximum DH index: 0150
    Maximum SA index: 0150
    Maximum Flow index: 0300
    Maximum RSA key size: 0000

    crypto lib version: 19.0.0

    crypto engine in slot: 0
    platform: VPN hardware accelerator

    Crypto Adjacency Counts:
    Lock Count: 0
    Unlock Count: 0
    crypto lib version: 19.0.0
     
    Stefan, Jun 16, 2006
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Headtheball

    Unknown Trojan causing wireless connection to fail

    Headtheball, Oct 3, 2004, in forum: Wireless Networking
    Replies:
    1
    Views:
    1,656
  2. =?Utf-8?B?dmxiYXlzYWlsb3I=?=

    Have an unknown computer in my workgroup

    =?Utf-8?B?dmxiYXlzYWlsb3I=?=, Aug 2, 2005, in forum: Wireless Networking
    Replies:
    2
    Views:
    3,478
    Clark
    Aug 2, 2005
  3. Andreas Rainer

    Unknown Connection

    Andreas Rainer, Mar 20, 2007, in forum: Computer Security
    Replies:
    6
    Views:
    803
    Sebastian Gottschalk
    Mar 21, 2007
  4. Tanja
    Replies:
    0
    Views:
    815
    Tanja
    Jan 25, 2008
  5. mmark751969

    C1841

    mmark751969, Apr 18, 2009, in forum: Cisco
    Replies:
    3
    Views:
    556
    Igor Mamuzic aka Pseto
    Apr 20, 2009
Loading...

Share This Page