Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Remote VPN Clients connected through ASA do not authenticate with Microsoft Active Directory and Split tunneling does not work

Core issue

These debug messages appear when you enable the debug crypto isakmp  command on ASA during the remote access clients authentication.

IKEv1]: Group = ani, Username = , IP = x.x.x.x, Removing peer
from peer table failed, no match!

[IKEv1]: Group = ani, Username = , IP = x.x.x.x, Error: Unable
to remove PeerTblEntry


For a workaround, complete these steps:

  1. Check the configuration for these commands:

  2. Make sure that Split tunnel and relevant access-lists are configured properly.

Refer to PIX/ASA 7.x: Enhanced Spoke-to-Client VPN Configuration for information on how to configure a spoke-to-client VPN tunnel on the PIX Firewall

Third Party Software

Windows Active Directory

VPN Tunnel End Points


Features & Tasks

Authentication, Authorization, Accounting (AAA)

VPN Protocols

Split tunneling    

Version history
Revision #:
1 of 1
Last update:
‎06-17-2009 10:16 PM
Updated by:
Labels (1)