cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1554
Views
0
Helpful
1
Replies

ASA Site to Site VPN debug

bapatsubodh
Level 1
Level 1

Hi,

We have site to site VPN ( L-2-L) between two locations over internet. We have Cisco ASA 5500 series and other side has some another device on which VPN tunnel is terminating.

Suddenly existing VPN tunnel has gone down due to some reason.( Pre share key , or any other algorithm)

How do we debug the VPN site to site VPN.

When i have given command

show crypto isakmp sa

it shows :

State : MM_WAIT_MSG2 and then it goes off.

when given debug command it shows :

"Removing peer from peer table failed, no Match! IP : OtherEnd.Peer.IP, Error: Unable to remove PeerTblEntry.

Please share the eperience.

Any link of cisc.com is highly appreciable.

Subodh

1 Reply 1

jpoplawski
Level 1
Level 1

I live and die by this document, as a good friend sent it to me.

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807e0aca.shtml

Beyond that, it sounds like you don't have a peer specified for the remote end. Has the IP at either end changed? Post a sanitized config if possible.

Hope this helps, rate if it does.

JB

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: