Strange VPN Tunnel Wizard Error- ASA5520

Unanswered Question
Sep 7th, 2007

When using the VPN Tunnel Wizard on my 5520 i select Site to Site as the tunnel type. Then, i hit next and I get the following error:

You cannot add a new tunnel policy,because the priority range is exhausted.

Any ideas, i'm having a difficult time trying to resolve this. Im assuming I can still create a site-to-site VPN via the CLI as that is how the others were done. However, I'd like to have the Wizzard work too.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
keithcroft Mon, 09/10/2007 - 13:12

Following command resolved my issue.

crypto map outside_map 500 ipsec-isakmp dynamic outside_dyn_map

Jason Gervia Tue, 09/11/2007 - 04:09


The issue is typically related to the dynamic VPN map on the firewall having an entry of 65535. The wizard tries to increase the number by one and add an entry, but because 65535 is the logical limit, it cannot.


This Discussion