Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ASA Site to Site VPN debug

Hi,

We have site to site VPN ( L-2-L) between two locations over internet. We have Cisco ASA 5500 series and other side has some another device on which VPN tunnel is terminating.

Suddenly existing VPN tunnel has gone down due to some reason.( Pre share key , or any other algorithm)

How do we debug the VPN site to site VPN.

When i have given command

show crypto isakmp sa

it shows :

State : MM_WAIT_MSG2 and then it goes off.

when given debug command it shows :

"Removing peer from peer table failed, no Match! IP : OtherEnd.Peer.IP, Error: Unable to remove PeerTblEntry.

Please share the eperience.

Any link of cisc.com is highly appreciable.

Subodh

1 REPLY
Bronze

Re: ASA Site to Site VPN debug

I live and die by this document, as a good friend sent it to me.

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807e0aca.shtml

Beyond that, it sounds like you don't have a peer specified for the remote end. Has the IP at either end changed? Post a sanitized config if possible.

Hope this helps, rate if it does.

JB

931
Views
0
Helpful
1
Replies
CreatePlease to create content