Getting “QM FSM error” while establishing a Cisco VPN? Particularly site-to-site and even more particularly with IOS on one end and a Pix/ASA on the other?
Go to the Pix/ASA side and remove Perfect Forward Secrecy (PFS). Rather than tell you it’s incompatible, it just barfs because it can’t read it (because it’s you know… encrypted).
no cryptomap outside 1 set pfs group2
If anyone finds a better error message than the ubiquitous “QM FSM error” let me know and I will post it.