Pepwave to cisco ASA over GSM


#1

Hi
I am currently testing a pepwave to cisco over Ipsec VPN. My problem is when i have the pepwave connected to a wired connection for example off a DSL the VPN tunnel works. However when I use the same parameters but with the GSM interface the tunnel does not pass phase 1 with the Malformed payload error


#2

Would you able to share the IPSEC configuration & WAN interface info here ?


#3

IPSEC tunnel.pdf (357.5 KB)


#4

Included the Wan Config of the modem as well as a PDF of the tests that i have attempted. 2 of 3 worked, but it’s the third that i need to get functional. thanks for the feedback


#5

You should configure the IPSec as Aggressive mode instead of Main mode since you are getting private IP address on cellular WAN.


#6

Thanks for the response, I tried that already. In Main Mode it completes Phase 1 but drops while in aggressive mode phase 1 fails.
The address that we get is Nat’d out to a public and it’s a 1 to 1 NAT so should it still make a diff?


#7

Main mode will not work unless both sides have a static IP. I recommend to check with your GSM carrier to see if this is supported and get the proper configuration settings. Thanks