being not familiar yet with ASA's (2x 5510 with 7.2(1)) I'm not able to set up an l2l-tunnel failover (active/standby). On the primary(active) ASA the l2l-tunnel works without errors, but the when the secondary(standby) ASA became active I get the following errors:
%ASA-6-713219: IP = xxx.xxx.xxx.xxx, Queuing KEY-ACQUIRE messages to be processed when P1 SA is complete.
%ASA-3-713902: IP = xxx.xxx.xxx.xxx, Removing peer from peer table failed, no match!
%ASA-4-713903: IP = xxx.xxx.xxx.xxx, Error: Unable to remove PeerTblEntry .
There could be a number of reasons for your problem. First make sure that it is working in single routed mode. It will not work in multi-context and/or transparent firewall mode. Also a failover key must be configured.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...