I have been trying to connect a VPN Client for remote access to a PIX515E (using version 7.2(2). I can get to the user authentication window, but after I enter the username and password, I get the status "Not Connected". I tried to run "debug crypto isakmp" but only the following screen output is appearing:
Jun 27 17:00:08 [IKEv1]: Group = testgroup, Username = testuser, IP
= 184.108.40.206, Removing peer from peer table failed, no match!
Jun 27 17:00:08 [IKEv1]: Group = testgroup, Username = testuser, IP = 220.127.116.11,
Error: Unable to remove PeerTblEntry
Can anybody help me identify the cause of the problem? Your response will be greatly appreciated.
Hey l.tating , I had the exact same problem with connecting to a pix. Under the aaa-server line I didn't have the correct key. So I would recommend that you check they key to verify. You can use this command also - debug crypto isakmp 7
I am not using aaa for authentication. Im just using local database. I still cannot make it work. My debug crypto isakmp 7 has something in it that showed "cannot obtain an IP address for remote peer". Please see debug messages below:
Jun 30 15:46:22 [IKEv1]: Group = testgroup, Username = testuser, IP = 18.104.22.168,
Cannot obtain an IP address for remote peer
Jun 30 15:46:22 [IKEv1 DEBUG]: Group = testgroup, Username = testuser, IP = 173.
5.1.4, IKE TM V6 FSM error history (struct &0x27a61b8) , : TM_DO
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...