Daren Matthews

This post explains the IKE Debug message: “Duplicate first packet detected”

This event is logged when packets do not reach their destination, usually due to network routing problems. The Phase 1 IKE exchange between the tunnel peers fail at MM_WAIT_MSG2

( see: Troubleshooting ISAKMP Phase 1 Messages – Part 1 to understand the IKE Messages further)

1) IKE initator sends MM_SND_MSG1 and goes into MM_WAIT_MSG2 state
2) IKE responder receives MM_SND_MSG1 and sends MM_SND_MSG2 back to the initiator and goes into a MM_WAIT_MSG3 state, expecting MM_SND_MSG3 as the next exchage from the initiator
3) IKE initiator having not received MM_SND_MSG2 from the responder, resends MM_SND_MSG1, resulting in the “Duplicate first packet detected” being logged on the responder. Read more…

IPSec involves many component technologies and encryption methods. Yet IPSec’s operation can be broken down into five main steps. The five steps are summarised as follows:

A crypto map—is a Cisco IOS software configuration entity that performs two primary functions. First, it selects data flows that need security processing. Second, it defines the policy for these flows and the crypto peer that traffic needs to go to. A crypto map is applied to an interface. The concept of a crypto map was introduced in classic crypto but was expanded for IPsec.  This aide-memoir pulls together items from Cisco.com to provide a useful recipe and refresher. Read more…

Here is a handy way to use EEM to failover to a second ISP – use with a route-map:

Cisco EEM configuration: Read more…

This is the syntax to use to test SMTP relays. Commands are in bold:

telnet x.x.x.x 25
HELO mydomain.com
250 mobile.yourdomain.com Hello mydomain.com ([129.0.52.74]), pleased to meet you Read more…