I am running into a little bit of an issue with my Clean Access Deployment. We are using a pair of 5520s in conjunction with Clean Access deployed in L3 gateway mode. My active ASA is constantly displaying the message "No Matching Connection for ICMP Error Message source Clean Access Manager destination some client on our VPN subnet." I understand during discovery the Clean Access Agent will ping the Manager, however what I can't understand is why the CAM continues to send ICMP unreachable messages to some clients. It may send hundreds of these messages over a period of two or three minutes. Any ideas?
I have this problem too.