Problem failover ASA 5510 with VPN.

Unanswered Question
Apr 10th, 2007
User Badges:

Dear?s,


I?m have um failover with the ASA 5510.The tunnel L2L is working! When the primary goes for shutdown, the secondary one is activated, but i have problems in the VPN. The following error occurs:

Apr 06 15:27:38 [IKEv1]: IP = 172.19.33.7, Removing peer from peer table failed, no match!

Apr 06 15:27:38 [IKEv1]: IP = 172.19.33.7, Error: Unable to remove PeerTblEntry


After a time the VPN it connects. Somebody has a solution for this?


Thanks,

Marcio - Auriga Informatica



Attachment: 
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
p.krane Mon, 04/16/2007 - 11:03
User Badges:

First check if your failover is a stateful one, if not change it to stateful. Also check if isakmp commands

isakmp policy 10 authentication pre-share

isakmp policy 10 encryption 3des

isakmp policy 10 hash sha

isakmp policy 10 group 2

isakmp policy 10 lifetime 86400

are configured properly.

m.freitas Mon, 04/16/2007 - 15:21
User Badges:

My friend! See this new error:


Cannot create dynamic ACL for Backup L2L entry TUNEL_DATACENTERS 20


I use the version 7.2(2)!


Thank you very much!

Marcio - Auriga Informatica.



Actions

This Discussion