05-26-2008 11:24 PM
Hi,
I had a Cisco vpn clients terminated to an 2 ASA failover.
everything was working fine until a power failure happened and all devices went down, after powering up them again every thing worked fine except the VPN client connectivity it alaways gives this error msg :Reason 412: The remote peer is no longer responding
those ASA are behind an 2820 internet router, the NAT configuration is ok, the internet connectivity is ok, can you please guide me on how troubleshooting this issue.
Thanks
05-27-2008 04:11 AM
it sounds like some configuration was not saved before the reload - perhaps you could post the config?
05-28-2008 09:25 AM
and here is the result of the debug crypto isakmp command
May 28 08:36:00 [IKEv1]: Group = DAE_VPN#, IP = x.x.x.x, Removing peer from peer table failed, no match!
May 28 08:36:00 [IKEv1]: Group = DAE_VPN#, IP = x.x.x.x, Error: Unable to remove PeerTblEntry
May 28 08:36:05 [IKEv1]: Group = DAE_VPN#, IP = x.x.x.x, Removing peer from peer table failed, no match!
May 28 08:36:05 [IKEv1]: Group = DAE_VPN#, IP = x.x.x.x, Error: Unable to remove PeerTblEntry
May 28 08:36:10 [IKEv1]: Group = DAE_VPN#, IP = x.x.x.x, Removing peer from peer table failed, no match!
May 28 08:36:10 [IKEv1]: Group = DAE_VPN#, IP = x.x.x.x, Error: Unable to remove PeerTblEntry
May 28 08:36:15 [IKEv1]: Group = DAE_VPN#, IP = x.x.x.x, Removing peer from peer table failed, no match!
May 28 08:36:15 [IKEv1]: Group = DAE_VPN#, IP = x.x.x.x, Error: Unable to remove PeerTblEntry
May 28 08:36:28 [IKEv1]: Group = DAE_VPN#, IP = x.x.x.x, Removing peer from peer table failed, no match!
05-28-2008 10:44 AM
You are missing your IKE phase 1 config?
05-28-2008 09:34 PM
the thing this same configuration was working before we had this power blackout!
05-29-2008 12:51 AM
You are correct - sorry I was looking at something else. You are only using VPN Clients - which perform negotiation in agressive mode, so no need for an IKE policy.
What does the VPN client log indicate when you try and connect?? Are you using the right group id/pwd & user uid/pwd settings when connecting?
06-04-2008 12:12 AM
it worked now, i removed the crypto configurations and keys, and re-write them,it seems that the keys were corrupted!
thanks for the asistance...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide