10-10-2006 12:48 AM
Hi all, we have Cisco ASA 5510 with system image asa521-k8.bin.
When we connect to ASA with cisco VPN client, we face with that Reason, Reason 433.
We permitted necessary udp and tcp ports but noyhing change.
I thougt problem is NAT since We are behind firewall and go outside NAT,but i tried without NAT, againg no change.
Are there anybody help me abt issue?
Thx
10-10-2006 05:41 AM
Turn on full logging on the client and post the results. Make sure you santize it first.
10-10-2006 05:59 AM
%ASA-3-713132: Group = group_name, Username = username, IP = 213.xxx.xxx.xxx, Cannot obtain an IP address for remote peer
%ASA-3-713902: Group = group_name, Username = username, IP = 213.xxx.xxx.xxx, Removing peer from peer table failed, no match!
%ASA-4-713903: Group = group-name, Username = username, IP = 213.xxx.xxx.xxx, Error: Unable to remove PeerTblEntry
Oct 02 06:15:57 [IKEv1]: Group = group_name, Username = username, IP = 213.xxx.xxx.xxx, Removing peer from peer table failed, no match!
Oct 02 06:15:57 [IKEv1]: Group = group_name, Username = username, IP = 213.xxx.xxx.xxx, Error: Unable to remove PeerTblEntry
10-10-2006 08:17 AM
Bingo, first line. You need to create a pool if IP's on the ASA (or have DHCP provide them).
10-10-2006 09:01 AM
ip local pool WORD 192.168.70.0-192.168.70.255 mask 255.255.255.255
is it enough? previously i created a pool already.
10-10-2006 09:57 AM
It should read something like-
ip local pool WORD 192.168.70.1-192.168.70.254
Then you must assign the pool to a VPN group.
tunnel-group
address-pool WORD
07-31-2009 04:15 AM
HI
Did you this resolved and what was the solution
thanks
10-20-2006 02:56 AM
Hi Donead,
Are you configurating the VPN via ASDM VPN Wizard?
If so, make sure to specify the protected subnet for the head end (even thought the wizard said its ok to leave it blank to expose all network behind 5510).
Cheers
Tony
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: