09-07-2007 01:18 PM
When using the VPN Tunnel Wizard on my 5520 i select Site to Site as the tunnel type. Then, i hit next and I get the following error:
You cannot add a new tunnel policy,because the priority range is exhausted.
Any ideas, i'm having a difficult time trying to resolve this. Im assuming I can still create a site-to-site VPN via the CLI as that is how the others were done. However, I'd like to have the Wizzard work too.
09-10-2007 01:12 PM
Following command resolved my issue.
crypto map outside_map 500 ipsec-isakmp dynamic outside_dyn_map
09-11-2007 04:09 AM
Keith,
The issue is typically related to the dynamic VPN map on the firewall having an entry of 65535. The wizard tries to increase the number by one and add an entry, but because 65535 is the logical limit, it cannot.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: