clear crypto isakmp: tunnel not coming back up

Hello world

In the lab, I was testing IPSEC between 2 routers.

It was working fine

I ran the command

clear crypto isakmp on one side and pinged the router neighbor, but the tunnel won't come up.

I then ran the command on the other side as well and pinged the router neighbor; still no tunnel shows here.

On both sides, I see

1811w#sh crypto isakmp sa
IPv4 Crypto ISAKMP SA
dst             src             state          conn-id

IPv6 Crypto ISAKMP SA

But the IPsec phase shows active

1811w#sh crypto ipsec sa

interface: FastEthernet0
    Crypto map tag: VPN_MAP, local addr 192.168.99.1

   protected vrf: (none)
   local  ident (addr/mask/prot/port): (192.168.0.0/255.255.0.0/0/0)
   remote ident (addr/mask/prot/port): (192.168.99.0/255.255.255.0/0/0)
   current_peer 192.168.99.2 port 500
     PERMIT, flags={origin_is_acl,}
    #pkts encaps: 3765, #pkts encrypt: 3765, #pkts digest: 3765
    #pkts decaps: 3764, #pkts decrypt: 3764, #pkts verify: 3764
    #pkts compressed: 0, #pkts decompressed: 0
    #pkts not compressed: 0, #pkts compr. failed: 0
    #pkts not decompressed: 0, #pkts decompress failed: 0
    #send errors 2, #recv errors 0

     local crypto endpt.: 192.168.99.1, remote crypto endpt.: 192.168.99.2
     path mtu 1500, ip mtu 1500, ip mtu idb FastEthernet0
     current outbound spi: 0x90EC4FE9(2431406057)
     PFS (Y/N): N, DH group: none

     inbound esp sas:
      spi: 0xB5A39DEF(3047398895)
        transform: esp - esp-sha-hmac.
        in use settings ={Tunnel, }
        conn id: 181, flow_id: Onboard VPN:181, sibling_flags 80000046, crypto map: VPN_MAP
        sa timing: remaining key lifetime (k/sec): (4429521/2247)
        IV size: 8 bytes
        replay detection support: Y
        Status: ACTIVE

     inbound ah sas:

     inbound pcp sas:

     outbound esp sas:
      spi: 0x90EC4FE9(2431406057)
        transform: esp - esp-sha-hmac.
        in use settings ={Tunnel, }
        conn id: 182, flow_id: Onboard VPN:182, sibling_flags 80000046, crypto map: VPN_MAP
        sa timing: remaining key lifetime (k/sec): (4429521/2247)
        IV size: 8 bytes
        replay detection support: Y
        Status: ACTIVE

     outbound ah sas:

     outbound pcp sas:

Can anyone please let me know what's happening? It seems that phase 1 is down and IPsec is up.

Thank you

Mahesh

In the IOS implementation of IKEv1, Phase I and Phase II can live and die separately.

By issuing clear crypto isakmp, you took down Phase I. Phase II will remain until expiry and will recreate a new Phase I when it has to generate a new key.

show crypto session will show the session as UP-NO-IKE, which is a normal state.

On ASA, however, the implementation is slightly different because it uses CCM [continuous channel Mode]. In this case, if Phase I is going to be deleted, we delete Phase II as well. [And vice versa - if the last P2 should be deleted, we naturally remove the P1 as well.]

I hope this answers your question.

Merry Christmas.

Olivier
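
The state described in the answer above can be checked mechanically when monitoring tunnels, so that a missing Phase I SA alone does not raise a "tunnel down" alarm. This is an added example, not part of the original posts: the sample output is constructed from the addresses and SPIs in the question, the function names are hypothetical, and the status names are a simplified model of what show crypto session reports.

```python
import re

# Constructed sample output, modelled on the lab in the thread. Addresses and
# SPIs come from the post; the QM_IDLE row and conn-id 1001 are illustrative.
ISAKMP_BEFORE_CLEAR = """\
IPv4 Crypto ISAKMP SA
dst             src             state          conn-id status
192.168.99.2    192.168.99.1    QM_IDLE           1001 ACTIVE
"""

ISAKMP_AFTER_CLEAR = """\
IPv4 Crypto ISAKMP SA
dst             src             state          conn-id status

IPv6 Crypto ISAKMP SA
"""

IPSEC_SA = """\
interface: FastEthernet0
    Crypto map tag: VPN_MAP, local addr 192.168.99.1
   current_peer 192.168.99.2 port 500
     current outbound spi: 0x90EC4FE9(2431406057)
     inbound esp sas:
      spi: 0xB5A39DEF(3047398895)
        Status: ACTIVE
     outbound esp sas:
      spi: 0x90EC4FE9(2431406057)
        Status: ACTIVE
"""

IPV4 = r"\d+(?:\.\d+){3}"
IKE_ROW = re.compile(rf"^\s*({IPV4})\s+({IPV4})\s+(\S+)\s+(\d+)", re.M)
PEER = re.compile(rf"current_peer\s+({IPV4})")
SPI = re.compile(r"\bspi:\s*(0x[0-9A-Fa-f]+)")


def parse_isakmp_sa(text):
    """Return {address: [state, ...]} for every address seen in an IKE SA row."""
    sas = {}
    for dst, src, state, _conn_id in IKE_ROW.findall(text):
        for addr in (dst, src):
            sas.setdefault(addr, []).append(state)
    return sas


def parse_ipsec_sa(text):
    """Return {peer: [spi, ...]} listing SAs whose Status line reads ACTIVE."""
    sas, peer, spi = {}, None, None
    for line in text.splitlines():
        m = PEER.search(line)
        if m:
            peer, spi = m.group(1), None
            sas.setdefault(peer, [])
            continue
        m = SPI.search(line)
        if m and "current outbound" not in line:
            spi = m.group(1)          # SPI of the SA entry being described
        elif peer and spi and line.strip() == "Status: ACTIVE":
            sas[peer].append(spi)
            spi = None
    return sas


def session_status(peer, ike, ipsec):
    """Combine Phase I and Phase II state for one peer (simplified model)."""
    ike_states = ike.get(peer, [])
    ike_up = "QM_IDLE" in ike_states
    if ipsec.get(peer):
        # Phase II alive: traffic is still protected with or without Phase I.
        return "UP-ACTIVE" if ike_up else "UP-NO-IKE"
    if ike_up:
        return "UP-IDLE"
    return "DOWN-NEGOTIATING" if ike_states else "DOWN"


def audit(isakmp_text, ipsec_text):
    """Return {peer: status} for every peer in the 'show crypto ipsec sa' text."""
    ike = parse_isakmp_sa(isakmp_text)
    ipsec = parse_ipsec_sa(ipsec_text)
    return {peer: session_status(peer, ike, ipsec) for peer in ipsec}


if __name__ == "__main__":
    print("before clear:", audit(ISAKMP_BEFORE_CLEAR, IPSEC_SA))
    print("after clear: ", audit(ISAKMP_AFTER_CLEAR, IPSEC_SA))
```

A monitoring check built this way should alert on DOWN, not on UP-NO-IKE, since the IPsec SAs keep protecting traffic until they expire or need rekeying.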

Tags: Cisco Security

Similar Questions

  • URL toolbar disappeared, and add-ons are not coming back.

    Hi people. Once more Firefox drives me crazy. I woke up this morning, turned on the old computer, Firefox started, and I have no URL bar. I tried to restore it, but no luck. I've been looking through the Firefox forums for a few hours and found similar questions, but... no cigar. I have version 36.0.4 of Firefox. Can someone please explain how it disappeared and how to get it back?

    I uninstalled FF entirely and re-installed it. The URL bar is still gone. Also, I have connected to my Sync, but my add-ons are not coming back.

    I would appreciate your help.

    Do you still have the Navigation bar visible with the other toolbar buttons and the tab bar?

    Make sure that you are not running Firefox in full screen mode (press F11 or Fn + F11 to toggle; Mac: Command + SHIFT + F).

    If you are in full screen view, hover the mouse at the top of the screen to make the Navigation bar and tab bar appear.
    Click the expand button (at the top right of the Navigation bar) to exit full screen, or right-click an empty space on a toolbar and select "exit full screen", or press the F11 key.

    Try to rename (or delete) the file xulstore.json in the Firefox profile folder.
    You can use this button to go to the Firefox profile folder currently in use:

    Start Firefox in Safe Mode to check whether one of the extensions (Firefox/Tools > Add-ons > Extensions) or hardware acceleration is the cause of the problem.

    • Switch to the DEFAULT theme: Firefox/Tools > Add-ons > Appearance
    • Do NOT click the Reset button on the Safe Mode startup window
  • Firefox will not keep the settings available, they keep coming back to a default value

    I used to be able to change the zoom by using ctrl_scroll and it worked fine (to fit the entire page on a single screen with no scroll bar). Now, even after I set it, as soon as I go to a new site or change folders in Gmail, it keeps coming back to a default zoom, making the page too big to fit on a single screen. It is especially annoying with Gmail...

    There are a couple of add-ons designed to remember your zoom settings. They also allow you to define a new zoom level for all pages you have not yet visited. I have not tried them, but here they are:

    If there are sites that are still a concern, feel free to post their URLs.

  • Windows updates during shutdown have not taken effect and the same updates (16 of them) keep coming back at the next restart.

    Original title: Windows updates has not taken effect.

    My Windows updates during shutdown did not take effect. The same updates (16 of them) keep coming back at the next restart.

    I tried Fix it 50461 mentioned in one post, but the problem persists.

    Any help is appreciated.

    Hi Lee CC,

    1. Which Windows operating system are you using?

    2. Do you receive an error code or error messages?

    3. Why have you tried the Fixit 50461? Have you received a 646 error?

    This problem can occur if updates failed to install.

    Method 1:

    You can read the following article and try to reset the Windows Update components and check.

    How to reset the Windows Update components?

    http://support.Microsoft.com/kb/971058

    Method 2:

    You can also read the following article and check if it helps.

    Troubleshooting Windows Update or Microsoft Update when you are repeatedly offered an update

    http://support.Microsoft.com/kb/910339

    Hope this information is useful.

    Jeremy K
    Microsoft Answers Support Engineer

  • An error keeps coming back that there is a problem starting werconcpl.dll - the specified module could not be found. What should I do?

    An error keeps coming back that there is a problem starting werconcpl.dll - the specified module could not be found.  What should I do?

    Hello

    ·         Since when are you facing this problem?

    ·         Were there recent changes made on the computer before the issue appeared?

    Follow these methods and check if that helps:

    Method 1:

    This file is a Microsoft Windows system file. If you receive the warning about the file, I suggest you run the latest Microsoft Safety Scanner on your computer and check if that helps:

    http://www.Microsoft.com/security/scanner/en-us/default.aspx

    Note: data files that are infected can be cleaned only by removing the file completely, which means there is a risk of data loss.

    Method 2: Run a System File Checker (SFC) scan

    It will scan your computer to check the integrity of files on your system.

    The System File Checker (SFC) utility allows administrators to scan all protected resources to make sure they are the correct version. If SFC finds incorrect versions of any of these protected resources, it replaces them with the correct versions.

    Follow the steps in the article to run an SFC scan:

    Description of Windows XP and Windows Server 2003 System File Checker (Sfc.exe)

    http://support.Microsoft.com/kb/310747

  • My network password box keeps coming back, and does not deal with e-mail.

    network password box problem

    My network password box keeps coming back and does not deal with e-mail, this just started happening, why

    Hello

    ·         What mail client do you use?

    ·         Were there any changes made on the computer before the issue appeared?

    ·         Are you referring to the box that pops up while accessing an e-mail program like Windows Mail or Outlook?

    Please provide us with more information about the issue so that we can help you further:

    If you are facing this problem on Outlook, see this link:

    http://Office.Microsoft.com/en-us/Outlook-help/i-get-an-enter-network-password-prompt-HA010151354.aspx

    Alternatively, you can ask the experts in the forums of Outlook:

    http://answers.Microsoft.com/en-us/Office/Forum/Outlook

  • 881 - crypto isakmp module is not available

    Hello.

    I have a Cisco 881 ISR (CISCO881-SEC-K9) with the advanced security license installed, enabled/active and in use (see screenshot).  However, the crypto isakmp module is not available.

    Cisco #crypto?

    GDOI GDOI about orders

    IPSec IPSec

    the key associated with the control.

    PKI public key public

    Here is my output of "show version":

    Cisco IOS Software, C880 Software (C880DATA-UNIVERSALK9-M), Version 15.0(1)M8, RELEASE SOFTWARE (fc1)

    Technical Support: http://www.cisco.com/techsupport

    Copyright (c) 1986-2012 by Cisco Systems, Inc.

    Updated Friday, February 16, 12 02:58 by prod_rel_team

    ROM: System Bootstrap, Version 12.4(22r)YB5, RELEASE SOFTWARE (fc1)

    Cisco uptime is 11 minutes

    System returned to ROM by reload at 13:47:55 PCTime Wednesday, August 22, 2012

    System restarted at 13:48:27 PCTime Wednesday, August 22, 2012

    System image file is "flash:c880data-universalk9-mz.150-1.M8.bin"

    Last reload type: Normal Reload

    Last reload reason: Reload Command

    This product contains cryptographic features and is subject to United
    States and local country laws governing import, export, transfer and
    use. Delivery of Cisco cryptographic products does not imply
    third-party authority to import, export, distribute or use encryption.
    Importers, exporters, distributors and users are responsible for
    compliance with U.S. and local country laws. By using this product you
    agree to comply with applicable laws and regulations. If you are unable
    to comply with U.S. and local laws, return this product immediately.

    A summary of U.S. laws governing Cisco cryptographic products may be found at:
    http://www.Cisco.com/WWL/export/crypto/tool/stqrg.html

    If you require further assistance please contact us by sending email to
    [email protected].

    Cisco 881 (MPC8300) processor (revision 1.0) with 236544K/25600K bytes of memory.

    Processor board ID FTX1624812T

    5 FastEthernet interfaces

    1 Virtual Private Network (VPN) Module

    256K bytes of non-volatile configuration memory.

    125440K bytes of ATA CompactFlash (Read/Write)

    License Info:

    License UDI:

    -------------------------------------------------

    Device SN # PID

    -------------------------------------------------

    * 0 FTX1624812T CISCO881-SEC-K9

    License Information for 'c880-data'

    License Level: advsecurity Type: Permanent

    Next reboot license Level: advsecurity

    Configuration register is 0x2102

    What kind of module are you missing? Or is it the "crypto isakmp" command that appears to be unavailable?

    If it is just the command, then go to conf-mode, where you can configure isakmp, and look for the "crypto isakmp ..." commands.

    Sent from Cisco Technical Support iPad App

  • MP3 player via the USB port (no matter which), it keeps coming back as the "Drive is not accessible. Access is denied. "

    Hello

    So, here are the problems I encounter, and what I did to try to fix myself.
    Whenever I try to connect my MP3 player via the USB port (no matter which), it keeps coming back as the "Drive is not accessible. Access is denied. "  This same thing happens everytime I try to put an SD card in the SD card slot.  However, despite this, I can plug my USB mouse and use it, as well as the keyboard and it records only.  I can also use the HDMI port to use my TV as a second monitor and, also, to record that.
    What I did to solve the problem, it is to restore the system to the previous times before that happened, did not.  I also went into the Device Manager and uninstalled and re installed, USB and SD card drivers.  I also tried something in the sense of taking control of the files via a right click on a folder and go to properties and then security and to the 'advanced settings', the problem with this situation is that I can't in readers at all.
    I am currently running Windows 7 (64 bit) on a laptop Lenovo, the computer itself is actually only a few months.  If someone knows something about this, please let me know.  Thanks in advance.

    Hello

    1. What is the make and model number of the MP3 player?

    2. Are you logged in as an administrator on the computer?

    3. Are you able to use this device on another computer (not Windows XP)? Has the MP3 player or SD card ever worked on this computer?

    4. Once you get this error message? Do you get this error when accessing the MP3 player and SD card in Windows Explorer?

    Run an antivirus scan with the Microsoft Safety Scanner and make sure your computer is virus-free.

    The Microsoft Safety Scanner is a free downloadable security tool which provides on-demand scanning and helps remove viruses, spyware and other malware. It works with your current antivirus software.

    http://www.Microsoft.com/security/scanner/en-us/default.aspx

    Note: The Microsoft Safety Scanner expires 10 days after being downloaded. To rerun a scan with the latest anti-malware definitions, download and run the Microsoft Safety Scanner again.

    Important: If bad sectors are found on the hard drive while scanning, the scan tries to repair that sector, and any data available on it may be lost.

    Reply with more information so that we can help you.

  • After the update (December 2015), Camera Raw does not fit on the save new Camera Raw default.  It keeps coming back to the default settings.  Does anyone else have this problem?

    After the update (December 2015), Camera Raw does not on the save new Camera Raw default.  It keeps coming back to the default settings.  Does anyone else have this problem?

    Yes, this is the same bug.

    The engineering team is working on it.

    We have no fixed timeline.

    In the meantime, you can restore the previous update.

  • Router Cisco 1941 - crypto isakmp policy command missing - IPSEC VPN

    Hi all

    I was looking around and I can't find the command 'crypto isakmp policy' on this Cisco 1941 router.  I just wanted to set up a regular LAN-to-LAN IPsec tunnel, but the command isn't here.  Do I have the wrong IOS? I thought that a K9 image would do the trick.

    Any suggestions are appreciated

    That's what I get:

    Router(config)#crypto ?
      ca   Certification authority
      key  Long term key operations
      pki  Public Key components

    SHOW VER

    Cisco IOS Software, C1900 Software (C1900-UNIVERSALK9-M), Version 15.0(1)M2, RELEASE SOFTWARE (fc2)
    Technical Support: http://www.cisco.com/techsupport
    Copyright (c) 1986-2010 by Cisco Systems, Inc.
    Updated Thursday, March 10, 10 22:27 by prod_rel_team

    ROM: System Bootstrap, Version 15.0(1r)M6, RELEASE SOFTWARE (fc1)

    Router uptime is 52 minutes
    System returned to ROM by reload at 02:43:40 UTC Thursday, April 21, 2011
    System image file is "flash0:c1900-universalk9-mz.SPA.150-1.M2.bin"
    Last reload type: Normal Reload
    Last reload reason: Reload Command

    This product contains cryptographic features...

    Cisco CISCO1941/K9 (revision 1.0) with 487424K/36864K bytes of memory.
    Processor board ID FTX142281F4
    2 Gigabit Ethernet interfaces
    2 Serial(sync/async) interfaces
    DRAM configuration is 64 bits wide with parity disabled.
    255K bytes of non-volatile configuration memory.
    254464K bytes of ATA System CompactFlash 0 (Read/Write)

    License Info:

    License UDI:

    -------------------------------------------------
    Device SN # PID
    -------------------------------------------------
    * 0 FTX142281F4 CISCO1941/K9

    Technology Package License Information for Module:'c1900'

    ----------------------------------------------------------------
    Technology    Technology-package          Technology-package
                  Current       Type          Next reboot
    -----------------------------------------------------------------
    ipbase        ipbasek9      Permanent     ipbasek9
    security      None          None          None
    data          None          None          None

    Configuration register is 0x2102

    You need to get the security feature license to configure the IPsec VPN.

    Currently, you have 'None' for the security feature:

    ----------------------------------------------------------------
    Technology    Technology-package          Technology-package
                  Current       Type          Next reboot
    -----------------------------------------------------------------
    ipbase        ipbasek9      Permanent     ipbasek9
    security      None          None          None
    data          None          None          None

    Here is the information about the licenses on router 1900 series:

    http://www.Cisco.com/en/us/partner/docs/routers/access/1900/hardware/installation/guide/Software_Licenses.html

  • ISAKMP does not start after reload

    Hello world:

    We have a Cisco 1841 router acting as a group member in a GETVPN network. When this router reloads, the ISAKMP process always remains OFF (%CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is OFF) and only starts once we force it with a clear crypto gdoi command or manually remove and re-apply the crypto map on the interface; otherwise Phase 1 never starts and the GM never registers with the KS. Other group members in the network do not have this problem, and they have the same ISAKMP policy and GDOI configuration.

    All routers in the network have the same IOS (C1841-ADVIPSERVICESK9-M), Version 12.4(15)T8, RELEASE SOFTWARE (fc3), but this problem is only present on one router.

    A debug crypto isakmp was issued on the weird router, but it didn't show any information because ISAKMP is stuck. After we issue clear crypto gdoi, ISAKMP begins negotiation and authentication and the SA is finally established.

    This is the router log after issuing a reload command:

    *Jan 27 10:51:44.695: %SYS-5-RESTART: System restarted.
    Cisco IOS Software, 1841 Software (C1841-ADVIPSERVICESK9-M), Version 12.4(15)T8, RELEASE SOFTWARE (fc3)
    Technical Support: http://www.cisco.com/techsupport
    Copyright (c) 1986-2008 by Cisco Systems, Inc.
    Updated Tuesday 1st December 08 13:52 by prod_rel_team
    *Jan 27 10:51:44.699: %SNMP-5-COLDSTART: SNMP agent on host XXXXXXXX is undergoing a cold start
    *Jan 27 10:51:44.763: %SSH-5-ENABLED: SSH 1.99 has been enabled
    *Jan 27 10:51:44.919: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is OFF
    *Jan 27 10:51:44.919: %CRYPTO-6-GDOI_ON_OFF: GDOI is OFF
    *Jan 27 10:51:44.919: %CRYPTO-6-GDOI_ON_OFF: GDOI is ON
    *Jan 27 10:51:45.999: %SYS-6-BOOTTIME: Time taken to reboot after reload = 130 seconds

    This is the crypto configuration:

    crypto isakmp policy 10
     encr 3des
     group 2
    !
    !
    crypto gdoi group GETVPN
     identity number 10
     server address ipv4 a.b.c.d
     server address ipv4 x.y.z.x
    !
    !
    crypto map GETVPN-map local-address FastEthernet0/1
    crypto map GETVPN-map 10 gdoi
     set group GETVPN

    Thanks in advance.

    Damian

    Hello

    There is a known issue with GETVPN resolved in 12.4(15)T10:

    http://Tools.Cisco.com/support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsv29424

    This causes the router not to register with the KS after a reload. However, it is specific to a GETVPN configuration, which 12.4 mainline code does not support. I suggest that you open a TAC case to investigate it.

    Thank you

    Wen

  • PERSONAL CRYPTO ISAKMP - General Question

    Here are the ISAKMP policies on my firewall. How come when I add a new policy it does not show up? I have a policy 51 which does not appear.

    crypto isakmp policy 10
     authentication pre-share
     encryption aes-192
     hash sha
     group 2
     lifetime 86400
    crypto isakmp policy 20
     authentication pre-share
     encryption aes-256
     hash md5
     group 2
     lifetime 86400
    crypto isakmp policy 30
     authentication pre-share
     encryption 3des
     hash sha
     group 2
     lifetime 86400
    crypto isakmp policy 50
     authentication pre-share
     encryption 3des
     hash md5
     group 2
     lifetime 86400

    The number after the crypto map statement is simply the sequence number that distinguishes one crypto map entry from another; it's how you can have several tunnels associated with a single interface. It does not necessarily map to the isakmp policy (actually nothing does).

    So basically what happens is that if you change the crypto map from 54 to 100, it will move down the list of existing tunnels, and most likely you would just duplicate those entries.

  • crypto isakmp invalid-spi-recovery command worked well in the case of DMVPN

    Hello

    I did the hub/spoke setup for the DMVPN case and it worked fine. But after reloading the hub I saw the error output below, even though I added the command crypto isakmp invalid-spi-recovery on the hub and spokes:

    *Oct  7 03:10:03.175: %CRYPTO-4-RECVD_PKT_INV_SPI: decaps: rec'd IPSEC packet has invalid spi for destaddr=150.1.1.1, prot=50, spi=0x72662541(1919296833), srcaddr=150.3.1.3

    *Oct  7 03:10:03.175: %CRYPTO-4-RECVD_PKT_INV_SPI: decaps: rec'd IPSEC packet has invalid spi for destaddr=150.1.1.1, prot=50, spi=0x72662541(1919296833), srcaddr=150.2.1.2

    Note: spoke1's IP address: 150.2.1.2 / spoke2's IP address: 150.3.1.3 / hub's IP address: 150.1.1.1

    As my temporary solution for this problem, I need to clear the SPI manually, and then it works fine again.

    If anyone has had the same problem, please let me know.

    Kind regards

    TRAN

    Hello

    There is a common misconception about what the crypto isakmp invalid-spi-recovery command does. Even without this command, IOS already performs a kind of invalid SPI recovery by sending a DELETE notify for the received SA to the sending peer if it already has an IKE SA with that peer. Again, this happens regardless of whether the crypto isakmp invalid-spi-recovery command is enabled or not.

    The crypto isakmp invalid-spi-recovery command tries to address the condition where a router receives IPsec traffic with an invalid SPI and it doesn't have an IKE SA with that peer. In this case, it will try to establish a new IKE session with the peer and then send a DELETE notify over the newly created IKE SA. However, this command does not work in all crypto configurations. The only configurations this command works with are static crypto maps where the peer is explicitly defined, and static peers derived from instantiated crypto maps, for example, VTI. Here is a summary of commonly used crypto configurations and whether invalid SPI recovery works with each configuration or not:

    Crypto config                          Invalid-spi-recovery?
    Static crypto map                      YES
    Dynamic crypto map                     NO
    P2P GRE with TP                        YES
    mGRE TP w/ static NHRP mapping         YES
    mGRE TP w/ dynamic NHRP mapping        NO
    VTI                                    YES
    EzVPN client                           N/A

    To help with your scenario, you can enable DPD (crypto isakmp keepalive) on the spokes to help the tunnel recover.

    Thank you

    Wen

  • Can you have several crypto isakmp policies on a router?

    I have an 1841 router as a hub for several IPsec tunnels. I have a single ISAKMP policy that looks like this:

    crypto isakmp policy 1
     encr 3des
     authentication pre-share
     group 2

    crypto isakmp key * address x.x.x.x
    crypto isakmp key * address y.y.y.y
    crypto isakmp key * address z.z.z.z

    I want to start using AES as the ISAKMP encryption protocol, but I can't be there to change the other ends of all the other tunnels. Can I create another crypto isakmp policy 2 and just put the pre-shared key for new connections in that one while I'm migrating?

    Thank you

    Chris

    Chris

    You can have several isakmp policies on your router. The router will run through them in order until it finds a match. You just need to add a new isakmp policy with a different sequence number, for example:

    crypto isakmp policy 2
     encr aes
     authentication pre-share
     group 2

    This will not affect your original isakmp policy.

    Not sure what you mean by putting the pre-shared key 'under' the isakmp policy. The key is not tied to any particular isakmp policy - you can see that from the configuration you posted above.

    All you need to do to switch is configure the new isakmp policy on your 1841 router and then move the remote ends as and when you can. Those that you have changed will use AES; those you have not yet changed will continue to use 3DES.

    HTH

    Jon

  • Problem of process ISAKMP Tunnel VPN

    I configured two separate tunnels from two PIXes to a Cisco 3000 Concentrator.

    The settings on the two PIXes for ISAKMP policies and transform-sets are the same. However, one tunnel establishes, and the other fails.

    I think the problem is at the 3000 end, but I am unable to prove it, as I do not have access.

    The PIX with the failing tunnel shows the following debug output (debug crypto isakmp, debug crypto ipsec). Does the reason the SA is deleted point to the 3000 having a bad transform set in its policy?

    DEBUG OUTPUT
    ============

    ISAKMP (0): beginning Main Mode exchange
    crypto_isakmp_process_block:src:62.25.99.51, dest:195.188.216.195 spt:500 dpt:500
    OAK_MM exchange
    ISAKMP (0): processing SA payload. message ID = 0
    ISAKMP (0): Checking ISAKMP transform 4 against priority 23 policy
    ISAKMP:      encryption 3DES-CBC
    ISAKMP:      hash MD5
    ISAKMP:      default group 2
    ISAKMP:      auth pre-share
    ISAKMP:      life type in seconds
    ISAKMP:      life duration (VPI) of  0x0 0x1 0x51 0x80
    ISAKMP (0): atts are acceptable. Next payload is 0
    ISAKMP (0): processing vendor id payload
    ISAKMP (0): SA is doing pre-shared key authentication using id type ID_IPV4_ADDR
    return status is IKMP_NO_ERROR
    crypto_isakmp_process_block:src:62.25.99.51, dest:195.188.216.195 spt:500 dpt:500
    OAK_MM exchange
    ISAKMP (0): processing KE payload. message ID = 0
    ISAKMP (0): processing NONCE payload. message ID = 0
    ISAKMP (0): processing vendor id payload
    ISAKMP (0): processing vendor id payload
    ISAKMP (0): received xauth v6 vendor id
    ISAKMP (0): processing vendor id payload
    ISAKMP (0): speaking to another IOS box!
    ISAKMP (0): processing vendor id payload
    ISAKMP (0): speaking to a VPN3000 concentrator
    ISAKMP (0): ID payload
            next-payload : 8
            type         : 1
            protocol     : 17
            port         : 500
            length       : 8
    ISAKMP (0): Total payload length: 12
    return status is IKMP_NO_ERROR
    crypto_isakmp_process_block:src:62.25.99.51, dest:195.188.216.195 spt:500 dpt:500
    OAK_MM exchange
    ISAKMP (0): processing ID payload. message ID = 0
    ISAKMP (0): processing HASH payload. message ID = 0
    ISAKMP (0): processing vendor id payload
    ISAKMP (0): remote peer supports dead peer detection
    ISAKMP (0): SA has been authenticated
    ISAKMP (0): beginning Quick Mode exchange, M-ID of -1619388538:9f7a1786IPSEC(key_engine): got a queue event...
    IPSEC(spi_response): getting spi 0x22a0e9d5(580970965) for SA
            from 62.25.99.51 to 195.188.216.195 for prot 3
    return status is IKMP_NO_ERROR
    ISAKMP (0): sending INITIAL_CONTACT notify
    ISAKMP (0): sending NOTIFY message 24578 protocol 1
    VPN Peer: ISAKMP: Added new peer: ip:62.25.99.51/500 Total VPN Peers:1
    VPN Peer: ISAKMP: Peer ip:62.25.99.51/500 Ref cnt incremented to:1 Total VPN Peers:1
    crypto_isakmp_process_block:src:62.25.99.51, dest:195.188.216.195 spt:500 dpt:500
    ISAKMP (0): processing DELETE payload. message ID = 4188403644, spi size = 16
    ISAKMP (0): deleting SA: src 195.188.216.195, dst 62.25.99.51
    return status is IKMP_NO_ERR_NO_TRANS
    ISADB: reaper checking SA 0xe97afc, conn_id = 0  DELETE IT!
    VPN Peer: ISAKMP: Peer ip:62.25.99.51/500 Ref cnt decremented to:0 Total VPN Peers:1
    VPN Peer: ISAKMP: Deleted peer: ip:62.25.99.51/500 Total VPN peers:0IPSEC(key_engine): got a queue event...
    IPSEC(key_engine_delete_sas): rec'd delete notify from ISAKMP
    IPSEC(key_engine_delete_sas): delete all SAs shared with 62.25.99.51

    Any help is appreciated!

    Thank you

    Neil

    It seems that the phase 1 (IKE) SA is being created without error. I think that the problem lies in the phase 2 (IPsec) SA. Can you post the relevant crypto maps, and the ACLs they reference, for the PIX that fails and the PIX that succeeds? That may give a clue as to what the issue is.
