ASA 5505. VPN Site-to-Site does not connect!

Hello!
Already more than a week ago, as we had a new channel of communication from MGTSa (ONT terminal Sercomm RV6688BCM, who just barely made in the "bridge" - was forced to make the provider in order to receive our white Cisco Ip-address), and now I'm trying too much more than a week to raise between our offices firm VPN IKEv1 IPsec Site-to-Site tunnel.
Configurable and use the wizard in ASDM and handles in CLI, the result of one, the connection does not rise.
Version Cisco 9.2 (2), the image of Cisco asa922-k8.bin, version license Security Plus, version ASDM 7.2 (2).
What I'll never know ...
Full configuration and debug enclose below.
Help, what can follow any responses, please! I was quite exhausted!
Config:
Result of the command: "sh run"
: Saved
: Serial Number: XXXXXXXXXXXX
: Hardware:   ASA5505, 512 MB RAM, CPU Geode 500 MHz
ASA Version 9.2(2)
hostname gate-71
enable password F6OJ0GOws7WHxeql encrypted
names
ip local pool vpnpool 10.1.72.100-10.1.72.120 mask 255.255.255.0
interface Ethernet0/0
 switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
 nameif inside
 security-level 100
 ip address 10.1.72.254 255.255.255.0
interface Vlan2
 nameif outside_mgts
 security-level 0
 ip address 62.112.100.R1 255.255.255.252
ftp mode passive
clock timezone MSK/MSD 3
clock summer-time MSK/MDD recurring last Sun Mar 2:00 last Sun Oct 3:00
dns domain-lookup inside
dns server-group MGTS
 name-server 195.34.31.50
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object network obj_any
 subnet 0.0.0.0 0.0.0.0
object network NET72
 subnet 10.1.72.0 255.255.255.0
object network obj-0.0.0.0
 host 0.0.0.0
object network Nafanya
 host 10.1.72.5
object network obj-10.1.72.0
 subnet 10.1.72.0 255.255.255.0
object network NET61
 subnet 10.1.61.0 255.255.255.0
object network NETWORK_OBJ_10.1.72.96_27
 subnet 10.1.72.96 255.255.255.224
object network NETT72
 subnet 10.1.72.0 255.255.255.0
object network NET30
 subnet 10.1.30.0 255.255.255.0
object network NETWORK_OBJ_10.1.72.0_24
 subnet 10.1.72.0 255.255.255.0
object-group service OG-FROM-INET
 service-object icmp echo
 service-object icmp echo-reply
 service-object icmp traceroute
 service-object icmp unreachable
 service-object tcp-udp destination eq echo
object-group network DM_INLINE_NETWORK_1
 network-object object NET30
 network-object object NET72
object-group service DM_INLINE_TCP_1 tcp
 port-object eq www
 port-object eq https
access-list inside_access_in extended permit ip object NET72 object-group DM_INLINE_NETWORK_1
access-list inside_access_in extended permit ip 10.1.72.0 255.255.255.0 any
access-list inside_access_in extended permit ip object Nafanya any inactive
access-list inside_access_in extended permit object-group OG-FROM-INET any any
access-list inside_access_in extended permit ip any any
access-list inside_access_in extended deny ip any any log alerts
access-list outside_mgts_access_in extended permit object-group OG-FROM-INET any any
access-list outside_mgts_access_in extended permit tcp any any object-group DM_INLINE_TCP_1
access-list outside_mgts_access_in extended deny ip any any log alerts
access-list outside_mgts_cryptomap extended permit ip 10.1.72.0 255.255.255.0 object NET61
access-list VPN-ST_splitTunnelAcl standard permit 10.1.72.0 255.255.255.0
pager lines 24
logging enable
logging asdm informational
mtu inside 1500
mtu outside_mgts 1500
ip verify reverse-path interface outside_mgts
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
nat (inside,outside_mgts) source static NET72 NET72 destination static NETWORK_OBJ_10.1.72.96_27 NETWORK_OBJ_10.1.72.96_27 no-proxy-arp route-lookup
nat (inside,outside_mgts) source static NETWORK_OBJ_10.1.72.0_24 NETWORK_OBJ_10.1.72.0_24 destination static NET61 NET61 no-proxy-arp route-lookup
object network obj_any
 nat (inside,outside_mgts) dynamic obj-0.0.0.0
object network NET72
 nat (inside,outside_mgts) dynamic interface dns
access-group inside_access_in in interface inside
access-group outside_mgts_access_in in interface outside_mgts
route outside_mgts 0.0.0.0 0.0.0.0 62.112.100.R 1
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
no user-identity enable
user-identity default-domain LOCAL
aaa authentication http console LOCAL
aaa authentication ssh console LOCAL
http server enable
http 10.1.72.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANS esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-128-MD5-TRANS esp-aes esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-MD5-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-192-SHA-TRANS esp-aes-192 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-192-MD5-TRANS esp-aes-192 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-MD5-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-256-SHA-TRANS esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-AES-256-MD5-TRANS esp-aes-256 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-MD5-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANS esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-3DES-MD5-TRANS esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-MD5-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-DES-SHA-TRANS esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-DES-SHA-TRANS mode transport
crypto ipsec ikev1 transform-set ESP-DES-MD5-TRANS esp-des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-DES-MD5-TRANS mode transport
crypto ipsec ikev2 ipsec-proposal AES256
 protocol esp encryption aes-256
 protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES192
 protocol esp encryption aes-192
 protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES
 protocol esp encryption aes
 protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal 3DES
 protocol esp encryption 3des
 protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal DES
 protocol esp encryption des
 protocol esp integrity sha-1 md5
crypto ipsec security-association pmtu-aging infinite
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
crypto map outside_mgts_map 1 match address outside_mgts_cryptomap
crypto map outside_mgts_map 1 set pfs group1
crypto map outside_mgts_map 1 set peer 91.188.180.42
crypto map outside_mgts_map 1 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_mgts_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_mgts_map interface outside_mgts
crypto map inside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map inside_map interface inside
crypto ca trustpoint ASDM_TrustPoint0
 enrollment self
 email [email protected]
 subject-name CN=gate-71
 serial-number
 ip-address 62.112.100.42
 proxy-ldc-issuer
 crl configure
crypto ca trustpoint ASDM_TrustPoint1
 enrollment self
 keypair ASDM_TrustPoint1
 crl configure
crypto ca trustpool policy
crypto ca certificate chain ASDM_TrustPoint0
 certificate eff26954
    30820395 3082027d a0030201 020204ef f2695430 0d06092a 864886f7 0d010105
    019
    6460ae26 ec5f301d 0603551d 0e041604 14c9a3f2 d70e6789 38fa4b01 465d1964
    60ae26ec 5f300d06 092a8648 86f70d01 01050500 03820101 00448753 7baa5c77
    62857b65 d05dc91e 3edfabc6 7b3771af bbedee14 673ec67d 3d0c2de4 b7a7ac05
    5f203a8c 98ab52cf 076401e5 1a2c6cb9 3f7afcba 52c617a5 644ece10 d6e1fd7d
    28b57d8c aaf49023 2037527e 9fcfa218 9883191f 60b221bf a561f2be d6882091
    0222b7a3 3880d6ac 49328d1f 2e085b15 6d1c1141 5f850e5c b6cb3e67 0e373591
    94a82781 44493217 38097952 003d5552 5c445f1f 92f04039 a23fba20 b9d51b13
    f511f311 d1feb2bb 6d056a15 7e63cc1b 1f134677 8124c024 3af56b97 51af8253
    486844bc b1954abe 8acd7108 5e4212df 193b8167 db835d76 98ffdb2b 8c8ab915
    0db3dd54 c8346b96 c4f4eff7 1e7cd576 a8b1f86e 3b868a6e 89
  quit
crypto ca certificate chain ASDM_TrustPoint1
 certificate a39a2b54
    30820377 3082025f a0030201 020204a3 9a2b5430 0d06092a 864886f7 0d010105
    0500304b 3110300e 06035504 03130767 6174652d 36313137 30120603 55040513
    c084dcd9 d250e194 abcb3eb8 1da93bd0 fb0dba1a b1c35b43 d547a841 5d4ee1a4
    14bdb207 7dd790a4 0cd70471 5f3a896a 07bd56dc ea01b3dd 254cde88 e1490e97
    f3e54c05 551adde0 66aa3782 c85880c2 b162ec29 4e49346a df71062d 6d6d8f49
    62b9de93 ba07b4f7 a50e77e1 8f54b32b 6627cb27 e982b36f 362973a0 88de3272
    9bd6d4d2 8ca1e11f 214f20a9 78bdea95 78fdc45c d6d45674 6acb9bcb d0bd930e
    638eedfe cd559ab1 e1205c48 3ee9616f e631db55 e82b623c 434ffdc1 11020301
    0001a363 3061300f 0603551d 130101ff 04053003 0101ff30 0e060355 1d0f0101
    ff040403 02018630 1f060355 1d230418 30168014 0cea70bf 0d0e0c4b eb34a0b1
    8242a549 5183ccf9 301d0603 551d0e04 1604140c ea70bf0d 0e0c4beb 34a0b182
    42a54951 83ccf930 0d06092a 864886f7 0d010105 05000382 0101004e 7bfe054a
    d434a27c 1d3dce15 529bdc5f 70a2dff1 98975de9 96077966 2a97333b 05a8e9ef
    bf320cbd ecec3819 ade20a86 9aeb5bde bd129c7b 29341e4b edf91473 f2bf235d
    9aaeae21 a629ccc6 3c79200b b9a89b08 4745a411 bf38afb6 ea56b957 4430f692
    34d71fad 588e4e18 2b2d97af b2aae6b9 b6a22350 d031615b 49ea9b9f 2fdd82e6
    ebd4dccd df93c17e deceb796 f268abf1 bd5f7b69 89183841 881409b5 f484f0e7
    ebf7481c faf69d3e 9d24df6e 9c2b0791 785019f7 a0d20e95 2ef35799 66ffc819
    4a77cdf2 c6fb4380 fe94c13c d4261655 7bf3d6ba 6289dc8b f9aad4e1 bd918fb7
    32916fe1 477666ab c2a3d591 a84dd435 51711f6e 93e2bd84 89884c
  quit
crypto isakmp identity address
crypto ikev2 policy 1
 encryption aes-256
 integrity sha
 group 5 2
 prf sha
 lifetime seconds 86400
crypto ikev2 policy 10
 encryption aes-192
 integrity sha
 group 5 2
 prf sha
 lifetime seconds 86400
crypto ikev2 policy 20
 encryption aes
 integrity sha
 group 5 2
 prf sha
 lifetime seconds 86400
crypto ikev2 policy 30
 encryption 3des
 integrity sha
 group 5 2
 prf sha
 lifetime seconds 86400
crypto ikev2 policy 40
 encryption des
 integrity sha
 group 5 2
 prf sha
 lifetime seconds 86400
crypto ikev2 enable outside_mgts client-services port 443
crypto ikev2 remote-access trustpoint ASDM_TrustPoint0
crypto ikev1 enable inside
crypto ikev1 enable outside_mgts
crypto ikev1 policy 10
 authentication crack
 encryption aes-256
 hash sha
 group 2
 lifetime 86400
crypto ikev1 policy 20
 authentication rsa-sig
 encryption aes-256
 hash sha
 group 2
 lifetime 86400
crypto ikev1 policy 30
 authentication pre-share
 encryption aes-256
 hash sha
 group 2
 lifetime 86400
crypto ikev1 policy 40
 authentication crack
 encryption aes-192
 hash sha
 group 2
 lifetime 86400
crypto ikev1 policy 50
 authentication rsa-sig
 encryption aes-192
 hash sha
 group 2
 lifetime 86400
crypto ikev1 policy 60
 authentication pre-share
 encryption aes-192
 hash sha
 group 2
 lifetime 86400
crypto ikev1 policy 70
 authentication crack
 encryption aes
 hash sha
 group 2
 lifetime 86400
crypto ikev1 policy 80
 authentication rsa-sig
 encryption aes
 hash sha
 group 2
 lifetime 86400
crypto ikev1 policy 90
 authentication pre-share
 encryption aes
 hash sha
 group 2
 lifetime 86400
crypto ikev1 policy 100
 authentication crack
 encryption 3des
 hash sha
 group 2
 lifetime 86400
crypto ikev1 policy 110
 authentication rsa-sig
 encryption 3des
 hash sha
 group 2
 lifetime 86400
crypto ikev1 policy 120
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400
crypto ikev1 policy 130
 authentication crack
 encryption des
 hash sha
 group 2
 lifetime 86400
crypto ikev1 policy 140
 authentication rsa-sig
 encryption des
 hash sha
 group 2
 lifetime 86400
crypto ikev1 policy 150
 authentication pre-share
 encryption des
 hash sha
 group 2
 lifetime 86400
telnet timeout 5
no ssh stricthostkeycheck
ssh 10.1.72.0 255.255.255.0 inside
ssh timeout 60
ssh key-exchange group dh-group1-sha1
console timeout 0
vpnclient server 91.188.180.X
vpnclient mode network-extension-mode
vpnclient nem-st-autoconnect
vpnclient vpngroup VPN-L2L password *****
vpnclient username aradetskayaL password *****
dhcpd auto_config outside_mgts
dhcpd update dns both override interface inside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
ssl trust-point ASDM_TrustPoint0 inside
ssl trust-point ASDM_TrustPoint0 outside_mgts
webvpn
 enable outside_mgts
group-policy GroupPolicy_91.188.180.X internal
group-policy GroupPolicy_91.188.180.X attributes
 vpn-tunnel-protocol ikev1
group-policy VPN-ST internal
group-policy VPN-ST attributes
 dns-server value 195.34.31.50 8.8.8.8
 vpn-tunnel-protocol ikev1
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value VPN-ST_splitTunnelAcl
 default-domain none
username aradetskayaL password HR3qeva85hzXT6KK encrypted privilege 15
tunnel-group 91.188.180.X type ipsec-l2l
tunnel-group 91.188.180.X general-attributes
 default-group-policy GroupPolicy_91.188.180.42
tunnel-group 91.188.180.X ipsec-attributes
 ikev1 pre-shared-key *****
 ikev2 remote-authentication pre-shared-key *****
 ikev2 remote-authentication certificate
 ikev2 local-authentication pre-shared-key *****
tunnel-group VPN-ST type remote-access
tunnel-group VPN-ST general-attributes
 address-pool vpnpool
 default-group-policy VPN-ST
tunnel-group VPN-ST ipsec-attributes
 ikev1 pre-shared-key *****
class-map inspection_default
 match default-inspection-traffic
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum client auto
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect sqlnet
  inspect skinny 
  inspect sunrpc
  inspect xdmcp
  inspect sip 
  inspect netbios
  inspect tftp
  inspect ip-options
  inspect icmp
  inspect icmp error
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:212e4f5035793d1c219fed57751983d8
: end
gate-71# sh crypto ikev1 sa
There are no IKEv1 SAs
gate-71# sh crypto ikev2 sa
There are no IKEv2 SAs
gate-71# sh crypto ipsec sa
There are no ipsec sas
gate-71# sh crypto isakmp
There are no IKEv1 SAs
There are no IKEv2 SAs
Global IKEv1 Statistics
  Active Tunnels:              0
  Previous Tunnels:            0
  In Octets:                   0
  In Packets:                  0
  In Drop Packets:             0
  In Notifys:                  0
  In P2 Exchanges:             0
  In P2 Exchange Invalids:     0
  In P2 Exchange Rejects:      0
  In P2 Sa Delete Requests:    0
  Out Octets:                  0
  Out Packets:                 0
  Out Drop Packets:            0
  Out Notifys:                 0
  Out P2 Exchanges:            0
  Out P2 Exchange Invalids:    0
  Out P2 Exchange Rejects:     0
  Out P2 Sa Delete Requests:   0
  Initiator Tunnels:           0
  Initiator Fails:             0
  Responder Fails:             0
  System Capacity Fails:       0
  Auth Fails:                  0
  Decrypt Fails:               0
  Hash Valid Fails:            0
  No Sa Fails:                 0
IKEV1 Call Admission Statistics
  Max In-Negotiation SAs:                 25
  In-Negotiation SAs:                      0
  In-Negotiation SAs Highwater:            0
  In-Negotiation SAs Rejected:             0
Global IKEv2 Statistics
  Active Tunnels:                          0
  Previous Tunnels:                        0
  In Octets:                               0
  In Packets:                              0
  In Drop Packets:                         0
  In Drop Fragments:                       0
  In Notifys:                              0
  In P2 Exchange:                          0
  In P2 Exchange Invalids:                 0
  In P2 Exchange Rejects:                  0
  In IPSEC Delete:                         0
  In IKE Delete:                           0
  Out Octets:                              0
  Out Packets:                             0
  Out Drop Packets:                        0
  Out Drop Fragments:                      0
  Out Notifys:                             0
  Out P2 Exchange:                         0
  Out P2 Exchange Invalids:                0
  Out P2 Exchange Rejects:                 0
  Out IPSEC Delete:                        0
  Out IKE Delete:                          0
  SAs Locally Initiated:                   0
  SAs Locally Initiated Failed:            0
  SAs Remotely Initiated:                  0
  SAs Remotely Initiated Failed:           0
  System Capacity Failures:                0
  Authentication Failures:                 0
  Decrypt Failures:                        0
  Hash Failures:                           0
  Invalid SPI:                             0
  In Configs:                              0
  Out Configs:                             0
  In Configs Rejects:                      0
  Out Configs Rejects:                     0
  Previous Tunnels:                        0
  Previous Tunnels Wraps:                  0
  In DPD Messages:                         0
  Out DPD Messages:                        0
  Out NAT Keepalives:                      0
  IKE Rekey Locally Initiated:             0
  IKE Rekey Remotely Initiated:            0
  CHILD Rekey Locally Initiated:           0
  CHILD Rekey Remotely Initiated:          0
IKEV2 Call Admission Statistics
  Max Active SAs:                   No Limit
  Max In-Negotiation SAs:                 50
  Cookie Challenge Threshold:          Never
  Active SAs:                              0
  In-Negotiation SAs:                      0
  Incoming Requests:                       0
  Incoming Requests Accepted:              0
  Incoming Requests Rejected:              0
  Outgoing Requests:                       0
  Outgoing Requests Accepted:              0
  Outgoing Requests Rejected:              0
  Rejected Requests:                       0
  Rejected Over Max SA limit:              0
  Rejected Low Resources:                  0
  Rejected Reboot In Progress:             0
  Cookie Challenges:                       0
  Cookie Challenges Passed:                0
  Cookie Challenges Failed:                0
Global IKEv1 IPSec over TCP Statistics
Embryonic connections: 0
Active connections: 0
Previous connections: 0
Inbound packets: 0
Inbound dropped packets: 0
Outbound packets: 0
Outbound dropped packets: 0
RST packets: 0
Recevied ACK heart-beat packets: 0
Bad headers: 0
Bad trailers: 0
Timer failures: 0
Checksum errors: 0
Internal errors: 0
gate-71# sh crypto protocol statistics all
[IKEv1 statistics]
   Encrypt packet requests: 0
   Encapsulate packet requests: 0
   Decrypt packet requests: 0
   Decapsulate packet requests: 0
   HMAC calculation requests: 0
   SA creation requests: 0
   SA rekey requests: 0
   SA deletion requests: 0
   Next phase key allocation requests: 0
   Random number generation requests: 0
   Failed requests: 0
[IKEv2 statistics]
   Encrypt packet requests: 0
   Encapsulate packet requests: 0
   Decrypt packet requests: 0
   Decapsulate packet requests: 0
   HMAC calculation requests: 0
   SA creation requests: 0
   SA rekey requests: 0
   SA deletion requests: 0
   Next phase key allocation requests: 0
   Random number generation requests: 0
   Failed requests: 0
[IPsec statistics]
   Encrypt packet requests: 0
   Encapsulate packet requests: 0
   Decrypt packet requests: 0
   Decapsulate packet requests: 0
   HMAC calculation requests: 0
   SA creation requests: 0
   SA rekey requests: 0
   SA deletion requests: 0
   Next phase key allocation requests: 0
   Random number generation requests: 0
   Failed requests: 0
[SSL statistics]
   Encrypt packet requests: 19331
   Encapsulate packet requests: 19331
   Decrypt packet requests: 437
   Decapsulate packet requests: 437
   HMAC calculation requests: 19768
   SA creation requests: 178
   SA rekey requests: 0
   SA deletion requests: 176
   Next phase key allocation requests: 0
   Random number generation requests: 0
   Failed requests: 0
[SSH statistics are not supported]
[SRTP statistics]
   Encrypt packet requests: 0
   Encapsulate packet requests: 0
   Decrypt packet requests: 0
   Decapsulate packet requests: 0
   HMAC calculation requests: 0
   SA creation requests: 0
   SA rekey requests: 0
   SA deletion requests: 0
   Next phase key allocation requests: 0
   Random number generation requests: 0
   Failed requests: 0
[Other statistics]
   Encrypt packet requests: 0
   Encapsulate packet requests: 0
   Decrypt packet requests: 0
   Decapsulate packet requests: 0
   HMAC calculation requests: 6238
   SA creation requests: 0
   SA rekey requests: 0
   SA deletion requests: 0
   Next phase key allocation requests: 0
   Random number generation requests: 76
   Failed requests: 9
gate-71# sh crypto ca trustpoints
Trustpoint ASDM_TrustPoint0:
    Configured for self-signed certificate generation.
Trustpoint ASDM_TrustPoint1:
    Configured for self-signed certificate generation.
If you need something more, then lay out!
Please explain why it is I do not want to work?

When I launched a packet tracer from the CLI connection has gone! Hooray!
I just do not understand why it had not launched with the same settings?
As I understood MGTS finally required ports began to miss!

Similar Messages

  • ASA 5505 Isolated Networks with Site-to-Site VPN Access

    I'm in the process of setting up an ASA 5505 for a remote site and needed some assistance determining if what I want to do is possible as well as if I need to upgrade the license from Base to Security Plus.
    Remote Site ASA 5505 Interfaces:
    Outside (Interface 0) - Public Internet, Static IP (Connected to Sierra Wireless AirLink Gateway)
    AMI (Interface 1) (VLAN 742) - 10.40.31.129/25 
    SCADA (Interface 2) (VLAN 772) - 10.70.0.5/30 
    I need to ensure that the two internal VLANs cannot access/talk to one another and the "SCADA" network cannot access Internet, just remote subnets across a VPN tunnel.
    ASA will need to have three IPsec tunnels:
    Tunnel 1 to SCADA Firewall
    Remote Site - 10.70.0.4/30 Subnet
    Central Site - 10.101.41.0/24 Subnet
    Tunnel 2 to Corporate Firewall
    Remote Site - 10.40.31.129/25 Subnet
    Central Site - 192.168.110.0/24 and 192.168.210.0/24 Subnet
    Tunnel 3 to Partner Firewall
    Remote Site - 10.40.31.129/25 Subnet
    Partner Site Subnets
    The ASA is running 9.1(5) and ASDM 7.1(6).  
    I've attached a diagram of what the connections look like between sites.

    I reviewed your diagram attached and trying to give you as much as I can.
    other gurus, pls correct me if I am missing anything.
    if I remember correctly, with base license, you can set up vpn peers.
    interface Ethernet0/0
    nameif outside
    security-level 0
    ip address public ip, subnet mask
    int e0/1
    nameif AMI
    security-level 100
    ip add 10.40.31.129 255.255.255.128
    int e0/2
    nameif SCADA
    security-level 10
    ip add 10.70.0.5 255.255.255.252
    route outside 0.0.0.0 0.0.0.0 public IP
    tunnel-group 173.8.244.181 type ipsec-l2l
    tunnel-group 173.8.244.181 ipsec-attributes
     ikev1 pre-shared-key Pr3$h@r3DkEyScAdA
    tunnel-group 173.8.244.189 type ipsec-l2l
    tunnel-group 173.8.244.189 ipsec-attributes
     ikev1 pre-shared-key Pr3$h@r3DkEyC0Rp
    tunnel-group 148.80.252.60 type ipsec-l2l
    tunnel-group 148.80.252.60 ipsec-attributes
     ikev1 pre-shared-key Pr3$h@r3DkEypArTN3R
    crypto ikev1 enable outside -- enabling for outside interface
    crypto ikev1 policy 10
     authentication pre-share
     encryption aes
     hash sha
     group 2
     lifetime 86400
    crypto ikev1 policy 15
     authentication pre-share
     encryption aes-256
     hash sha
     group 2
     lifetime 86400
    crypto ikev1 policy 20
     authentication pre-share
     encryption 3des
     hash sha
     group 2
     lifetime 28800
    crypto ipsec ikev2 ipsec-proposal AES256
     protocol esp encryption aes-256
     protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES192
     protocol esp encryption aes-192
     protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES
     protocol esp encryption aes
     protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal 3DES
     protocol esp encryption 3des
     protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal DES
     protocol esp encryption des
     protocol esp integrity sha-1 md5
    crypto ipsec security-association lifetime seconds 86400
    crypto ipsec ikev1 transform-set kerseyami esp-aes-256 esp-sha-hmac
    crypto map VPN 10 match address SCADA
    crypto map VPN 10 set peer  173.8.244.181
    crypto map VPN 10 set ikev1 transform-set kerseyami
    crypto map VPN 10 set security-association lifetime seconds 86400
    crypto map VPN 20 match address CORP
    crypto map VPN 20 set peer  173.8.244.189
    crypto map VPN 20 set ikev1 transform-set kerseyami
    crypto map VPN 20 set security-association lifetime seconds 86400
    crypto map VPN 30 match address PARTNER-FW
    crypto map VPN 30 set peer 148.80.252.60   
    crypto map VPN 30 set ikev1 transform-set kerseyami
    crypto map VPN 30 set security-association lifetime seconds 86400
    access-list SCADA extended permit ip 10.40.31.128 255.255.255.128 10.101.41.0 255.255.255.0
    access-list CORP extended permit ip 10.40.31.128 255.255.255.128 192.168.110.0 255.255.255.0
    access-list PARTNER-FW extended permit ip 10.40.31.128 255.255.255.128 subnets behind your Partner-FW
    Note: on the other side of the firewalls, like SCADA side, CORP Side and Partner FW side, you need to configure same pre-shared key, same crypto ike 1 and 2 policies & same interesting traffic in order to have this working.
    let us know how this works.
    JD...

  • The master site control file does not contain a component item for SMS_STATUS_MANAGER.

    New to the System Center world. We are using a fresh install of Server 2012 R2 and System Center R2 with everything working until Server 2012 R2 Update 1 was installed. Now we are getting the following:
    Site type: Primary Site or CAS SMS_STATUS_MANAGER
    6/4/2014 1:35:21 PM 10996 (0x2AF4)
    Resolved the "Status Manager" inbox to "C:\Program Files\Microsoft Configuration Manager\inboxes\statmgr.box\statmsgs".
    SMS_STATUS_MANAGER 6/4/2014 1:35:21 PM
    10996 (0x2AF4)
    Opened a change notification handle for directory "C:\Program Files\Microsoft Configuration Manager\inboxes\statmgr.box\statmsgs".
    SMS_STATUS_MANAGER 6/4/2014 1:35:21 PM
    10996 (0x2AF4)
    Resolved the "Site Control Manager (Master Site Control File)" inbox to "C:\Program Files\Microsoft Configuration Manager\inboxes\sitectrl.box".
    SMS_STATUS_MANAGER 6/4/2014 1:35:21 PM
    10996 (0x2AF4)
    Opened a change notification handle for directory "C:\Program Files\Microsoft Configuration Manager\inboxes\sitectrl.box".
    SMS_STATUS_MANAGER 6/4/2014 1:35:21 PM
    10996 (0x2AF4)
    Parsed the master site control file, serial number 1551209029.
    SMS_STATUS_MANAGER 6/4/2014 1:35:21 PM
    10996 (0x2AF4)
    This site is the central site. SMS_STATUS_MANAGER
    6/4/2014 1:35:21 PM 10996 (0x2AF4)
    ERROR: The master site control file does not contain a component item for SMS_STATUS_MANAGER.
    SMS_STATUS_MANAGER 6/4/2014 1:35:21 PM
    10996 (0x2AF4)
    Sleeping for 60 seconds... SMS_STATUS_MANAGER
    6/4/2014 1:35:21 PM 10996 (0x2AF4)
    Any thoughts on how to fix this? Seen a few references to a "site reset" for SCCM 2007 but wanted to make sure there wasn't anything else to try before heading down that road with 2012R2.

    A site reset can also be done in CM12 so it's worth a try.
    Torsten Meringer | http://www.mssccmfaq.de

  • When I link to an external site, the link does not work, if I right click "Open in new tab" the link works.

    When I link to an external site, the link does not work, if I right click "Open in new tab" the link works.

    I have not changed any of my preferences and they look like they are as I would have left them.
    I tried resetting Firefox and deleting the preference file, no change.
    By the way, I hate that the tabs are on top and not where they belong above the pages they are for. There should still be a way in Firefox to put them back without having to use an add-in.

  • I have a web site built by Yahoo Web Site Builder which does not have a Mac version, is there any compatability between Iweb and the old Yahoo program?

    I have a web site built by Yahoo Web Site Builder which does not have a Mac version, is there any compatability between Iweb and the old Yahoo program? If not how do I clear off the old site so as to re publish with Iweb.

    iWeb cannot import published files so you would need rebuild the site.
    Yahoo hosting is notoriously poor and their tech support is awful. I would suggest you look for new hosting and start afresh. Some pointers for choosing hosting...
    http://www.iwebformusicians.com/iWeb/Website-Hosting.html
    If you do choose to go this route, transfer your domain name registration away from Yahoo to your new host.

  • I have just put a link to my web site but it does not appear while using Firefox but it does if using Internet explorer or Chrome why would this be?

    I am using Window 7 I have just put a link to my web site but it does not appear while using Firefox but it does if using Internet explorer or Chrome why would this be?
    It does appear on a friend's computer using Firefox.
    Barossa Vintage Festival ... this is the missing link on my computer just under the link named ... Autumn photo collection

    No problems here with the tree links:
    View photos
    Friends gather for breakfast
    Friends take an Autumn drive
    Photos of the Barossa Festival
    Reload the web page and bypass the cache.
    * Press and hold Shift and left-click the Reload button.
    * Press "Ctrl + F5" or press "Ctrl + Shift + R" (Windows,Linux)
    * Press "Cmd + Shift + R" (MAC)

  • The site reporter tool does not work

    There is an item in Firefox Help where you can report a Web site that does not work.  Originally, a report database was available on line and you could review existing submissions.  The database access site was officially [http://blog.mozilla.com/website-archive/2010/12/08/mozilla-reporter/ retired] and the data gathered were expurgated and dumped for everybody to download. It is 1.3 GB uncompressed; install with { gzcat | mysql mozrep; } to avoid doubling the space. 
    The [https://support.mozilla.com/en-US/kb/Menu%20Reference#w_report-broken-web-sitead site reporter tool] does not seem to work any more.  It just submits the report forever.   It seems that Mozilla has broken functionality in a supported browser, disregarding all users.   The original reporter site redirects to a new feedback site.   The problem with that site is that you have to install version 4 beta to use it, which is not nice at all.  To add exploitation to disrespect, Mozilla tries to turn all customers into beta testers.

    Hi there
    Sorry, but you need to give us more information. For starters, you *ARE* using Adobe Captivate, right? And what exactly are you trying to do where you are seeing the eyedropper isn't working? Can you post a screen capture or a small video recording of it? You can use Jing http://www.jingproject.com or maybe Screenr http://www.screenr.com.
    Cheers... Rick
    Helpful and Handy Links
    Captivate Wish Form/Bug Reporting Form
    Adobe Certified Captivate Training
    SorcerStone Blog
    Captivate eBooks

  • How can i disable the 'top sites' cleaning history does not remove this and it is confusing and a risk to privacy

    How can i disable the 'top sites' cleaning history does not remove this and it is confusing and a risk to privacy.
    It also serves no purpose as sites i want to keep are bookmarked
    Is there an alternatively an addon for this

    Hi there - nope, this doesnt work either. the options available when I tap and hol are only OPEN IN NEW TAB, SHARE, ADD TO HOME SCREEN
    wayne

  • Team Site default site assets library does not have support for video, images, etc..

    Greetings,
    Our users have noticed that when they create a new subsite that the default site assets library does not give them the option to create a new document type of video, image, etc.. just a word document.
    If I create a new asset library I do see all the options when creating a new file from the drop down menu under the ribbon >files>new document
    Is this default behavior when creating a new team site or is there something that I can configure so that the default site assets library that is built is really a site assets library and not a standard document library?

    i think you are talking about the "Site Assets" Library and this is not meant for the Asset Library.Yes this is default behavior.
    Site Assets: Use this library to store files which are included on pages within this site, such
    as images on Wiki pages. jsut think about the other OOTB libraries i.e Style, Pages libraries etc.
    Assets Library is the one you need to add in your site collection to take the advantage of it.
    Please remember to mark your question as answered &Vote helpful,if this solves/helps your problem. ****************************************************************************************** Thanks -WS MCITP(SharePoint 2010, 2013) Blog: http://wscheema.com/blog

  • Iphone 4S bluetooth does not connect with any other Bluetooth

    Iphone 4S bluetooth does not connect with MacBookPro Bluetooth or any other Phone with Bluetooth. Can someone please help !!!

    Hi There!
    I am having the same problem, my brothers samsung picks up every bluetooth device thats remotely close but the 4s just sits there searching while sitting on the same desk as my iPad2, iMac 24" and headset that worked fine on my old 3 g.
    I am not hugely tek savvy, can anyone explain in easy speak (the kid at the local apple reseeler told me the new bluetooth used on the 4s is not compatible with the older bluetooth devices.... hmmmmmm)
    There must be a solution..... Thanks in advance

  • FaceTime 1.0.2 does not connect.

    After upgrade to 1.0.2 last week, my FaceTime just does not connect.
    When I call my friends, the FaceTime do appear on their side, but it does not connect after my friends click connect button. After a while, my FaceTime shows that my friend is busy, and ask me to try again.
    When my friends call me, my FaceTime did not even appear.
    Please help!
    Thanks
    Bailing

    I too downloaded the new version of Facetime this evening. I had previously been using v.0.9 and it worked fine. Now that I've downloaded 1.0.2, it does not work at all. Half the time it tells me the camera is off and then tells me there was an internal error and i was disconnected from facetime. The other half of the time, when I try to turn on face time it just sits and whirls but never connects. I've tried many of the other suggestions on this topic including repairing disk permissions, changing my DNS settings, re-booting etc. None of it has worked so far. I am on a iMac (late 2009) version. Any suggestions would be much appreciated

  • My adobe Flash player  does not connect on my Laptop HP Windows 7.

    My  Adobe Flash 11 Player on my laptop HP Windows 7 does not connect.  (or cannot be found even though it is downloaded in the programs

    What means "not connect" or "cannot be found"?  Do you get any messages?
    You write "downloaded", but did you also install it?
    What is your browser?  If IE see
    http://forums.adobe.com/thread/885448
    http://forums.adobe.com/thread/867968

  • My new airport express does not connect my printer to my computer?  My old airport did! then I updated to OS 10.9.2.  How do I get it connected?

    My new airport express does not connect my printer to my computer.  The old airport did.  I recently updated to OS 10.9.2.  I have since bought a new
    HP 6700 all in one wireless printer,  got the latest Comcast router.  None of which connect to my computer wirelessly.  Which do I throw away the printer, router, or Mac?  Help

    Contact HP for support.
    Explain that you are using a Mac, anticipate the inevitable groan, and wait patiently for their resident Mac expert to return from vacation.
    Until then download and install its driver here: http://h10025.www1.hp.com/ewfrf/wc/softwareCategory?product=5058338&cc=us&dlc=en &lc=en
    Otherwise return the printer and purchase one from a company that visibly supports OS X. HP isn't on that list.

  • HT202778 Why is it that when I plug my iPhone into my computer and press "trust", it disconnects my phone and reconnects it, and still does not connect to iTunes??

    When I plug in my iPhone, it connects and begins to charge, then asks me to "trust" the computer. When I select "trust", rather than connecting to iTunes, my phone gets disconnected and then it reconnects again and continues to charge but does not connect to iTunes... I have tried restarting both my computer and my phone, I have tried uninstalling and reinstalling iTunes and I've also tried connecting my phone with different USB cables and connecting them into different USB ports... Still nothing is working.

    That's how Apple set it up on the Mac.
    There is a free application called iExplorer for Mac that allows you to view and copy files from your iPhone.
    Hope this helps.

  • ITunes Store for Windows. Everytime I try an access the iTunes Store it takes really long to connect and then it says iTunes store cannot be access. I think I am up to date with iTunes Verizon 11.0.2.26 but no matter what I try it does not connect. HELP P

    iTunes Store for Windows. Everytime I try an access the iTunes Store it takes really long to connect and then it says iTunes store cannot be access. I think I am up to date with iTunes Verison, I Have 11.0.2.26 but no matter what I try it does not connect. HELP Please???

    With those symptoms, I'd try the following document:
    Apple software on Windows: May see performance issues and blank iTunes Store
    (If there's a SpeedBit LSP showing up in Autoruns, it's usually best to just uninstall your SpeedBit Video Accelerator.)

  • TS3048 My early 2009 Mac Pro does not connect via bluetooth to my sound bar or bluetooth mini speakers. Both my wireless keyboard and mouse have no problems connecting. What do I need to do to connect to external bluetooth devices?

    My early 2009 Mac Pro does not connect via bluetooth to my sound bar or bluetooth mini speakers. Both my wireless keyboard and mouse have no problems connecting. What do I need to do to connect to external bluetooth devices?

    I would always have a wired keyboard and mouse on hand (need not be expensive ... any cheap wired devices will work).  "Emergency recovery" procedures can activate features in random order, so the opportunity to select a recovery partition may pass before the wireless devices are recognized.
    That will let you select the "turn on Bluetooth" icon.

Maybe you are looking for

  • XI 3.0 File receive comm.channel using variable for folder/file name schema

    Hi, I prepared a integration message to produce .txt file output of message. I prepared message successfully, it's running properly and producing .txt file. My problem is to set .txt file name. I must set file name using by some information in .txt f

  • Multiple pages in SAPScript

    Hi Everyone! In my SapScript layout set I have: - two pages, FIRST and SECOND. - five windows, CUSTADDR(var), HEADER(var), MAIN(main), CUSTOM2(var), OUR_ADDR(var) - two paragraphs, DF and IT in page FIRST I have: -- CUSTADDR, HEADER, MAIN, OUR_ADDR i

  • Issue with trading partner

    Hi , I have a issue with trading partner, While clearing the bank clearing account with bank main account user has got the below error "Consolidated companies ' ' are different" The issue is because u201CTrading Partneru201D, document number xxxx has

  • Hi,guys,how to disable a downloaded pdf openned by Acrobat automatically?

    Hi, guys. Whenever a pdf is downloaded by IE, it will be openned by Acrobat automatically. This disturbs me to download the next pdf. Is there any way to disable it? Thank you very much!

  • Color Picker Issues

    I just got a new system here at work and noticed that when I select a color and bring up my color picker the color shown in it is far off from the color selected and I can not figure out why. In Photoshop, my color picker matches fine. Does anyone ha