Preview Tool

Cisco Bug: CSCtc45482 - ASA ISAKMP MM1 not sent out for l2l rsa-sig auth configured via asdm

Last Modified

Nov 08, 2016

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases


Description (partial)

The IPSEC lan2lan  initiated from an ASA 8.0.3 does not start and logs :

%ASA-7-609001: Built local-host NP Identity Ifc:
%ASA-7-609001: Built local-host outside:
%ASA-7-609002: Teardown local-host NP Identity Ifc: duration 0:00:00
%ASA-7-609002: Teardown local-host outside: duration 0:00:00
%ASA-7-715077: Pitcher: received a key acquire message, spi 0x0
%ASA-7-713906: Initiator failed to open cert context
%ASA-3-713902: Removing peer from peer table failed, no match!


This happens with rsa-sig authentication when the certificate is imported via ASDM. Via ASDM, one trustpoint is configured per certificate : one for the CA, one for the identity certificate.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.