Pepwave to cisco ASA over GSM

I am currently testing a pepwave to cisco over Ipsec VPN. My problem is when i have the pepwave connected to a wired connection for example off a DSL the VPN tunnel works. However when I use the same parameters but with the GSM interface the tunnel does not pass phase 1 with the Malformed payload error

Would you able to share the IPSEC configuration & WAN interface info here ?

1 Like

pepwave IPSECpepwave wan 1IPSEC tunnel.pdf (357.5 KB)

Included the Wan Config of the modem as well as a PDF of the tests that i have attempted. 2 of 3 worked, but it’s the third that i need to get functional. thanks for the feedback

You should configure the IPSec as Aggressive mode instead of Main mode since you are getting private IP address on cellular WAN.

1 Like

Thanks for the response, I tried that already. In Main Mode it completes Phase 1 but drops while in aggressive mode phase 1 fails.
The address that we get is Nat’d out to a public and it’s a 1 to 1 NAT so should it still make a diff?

Main mode will not work unless both sides have a static IP. I recommend to check with your GSM carrier to see if this is supported and get the proper configuration settings. Thanks

1 Like