06-11-2009 08:39 PM - edited 03-11-2019 08:42 AM
I'm trying to create a site-to-site tunnel
between an ASA 5520 and a Cisco 2800
I'm getting "Unable to remove PeerTblEntry"
Can anyone give me some insight on what
the problem might be. This is the ASA side.
There's 20 other tunnels running. I'll try and get the other side ASAP (a vendor)
Thanks
name 5.5.5.5 Vendor
access-list VPN_TO_VENDOR extended permit ip 10.20.12.127 255.255.255.255 10.127.23.10 255.255.255.255
access-list nonat_inside extended permit ip 10.20.12.127 255.255.255.255 10.127.23.10 255.255.255.255
access-list OUTSIDE_ACCESS_IN extended permit 10.127.23.10 255.255.255.255 10.20.12.127 255.255.255.255
nat (inside) 0 access-list nonat_inside
crypto ipsec transform-set 3DES-SHA esp-3des esp-sha-hmac
crypto map vpn_map 25 match address VPN_TO_VENDOR
crypto map vpn_map 25 set peer Vendor
crypto map vpn_map 25 set transform-set 3DES-SHA
crypto map vpn_map interface outside
isakmp enable outside
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption 3des
isakmp policy 20 hash sha
isakmp policy 20 group 2
isakmp policy 20 lifetime 28800
tunnel-group 5.5.5.5 type ipsec-l2l
tunnel-group 5.5.5.5 ipsec-attributes
pre-shared-key *
06-13-2009 05:41 AM
You should ignore that message I guess and look for more obvious error messages to get the tunnel up and running. What is exactly wrong with the tunnel?
Regards
Farrukh
06-15-2009 10:46 AM
It was resolved thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide