config-t.net » Blog Archive » VPN Troubleshooting- Phase 1
A show crypto isakmp sa command shows the ISAKMP SA to be in MM_NO_STATE.
This also means that main mode has failed.
dst src state conn-id slot
10.1.1.2 10.1.1.1 MM_NO_STATE 1 0
Verify that the Phase I policy is on both peers and ensure that all the attributes match.
Encryption DES or 3DES
Hash MD5 or SHA
Diffie-Hellman Group 1 or 2
Authentication {rsa-sig | rsa-encr | pre-share
