VPN ASA 5520 problem.


has anyone worked with ASA 5500 Series device ? I have some problem. I have configured L2TP over IPSec, but i have this errors:

Dec 21 14:00:48 [IKEv1]: IP = XX.XX.XX.XX, Removing peer from peer table failed, no match! Dec 21 14:00:48 [IKEv1]: IP = XX.XX.XX.XX, Error: Unable to remove PeerTblEntry

My config is:

ASA Version 7.2(2) ! hostname ciscoasa domain-name cisco enable password 8Ry2YjIyt7RRXU24 encrypted no names ! interface GigabitEthernet0/0 description outside nameif outside security-level 0 ip address ! interface GigabitEthernet0/1 description inside nameif inside security-level 100 ip address ! interface GigabitEthernet0/2 shutdown no nameif no security-level no ip address ! interface GigabitEthernet0/3 shutdown no nameif no security-level no ip address ! interface Management0/0 shutdown no nameif no security-level no ip address ! passwd 0kMQqdPs3iv5ySaU encrypted boot system disk0:/asa722-k8.bin no ftp mode passive dns server-group DefaultDNS domain-name cisco pager lines 24 logging enable logging asdm informational mtu outside 1500 mtu inside 1500 ip local pool POOL mask no failover asdm image disk0:/asdm-522.bin no asdm history enable arp timeout 14400 route outside 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat

0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip- disconnect 0:02:00 timeout uauth 0:05:00 absolute group-policy group internal group-policy group attributes vpn-tunnel-protocol l2tp-ipsec username admin password HrKM275P1eMLunbN encrypted privilege 15 http server enable http inside no snmp-server location no snmp-server contact crypto ipsec transform-set TRANS esp-3des esp-sha-hmac crypto ipsec transform-set TRANS mode transport crypto dynamic-map dyn1 1 set transform-set TRANS crypto map mymap 1 ipsec-isakmp dynamic dyn1 crypto map mymap interface outside crypto isakmp enable outside crypto isakmp policy 2 authentication pre-share encryption 3des hash sha group 5 lifetime 14400 tunnel-group VPN type ipsec-ra tunnel-group VPN general-attributes address-pool POOL authentication-server-group ktu-radius default-group-policy group tunnel-group VPN ipsec-attributes pre-shared-key * tunnel-group VPN ppp-attributes authentication ms-chap-v2 telnet inside telnet timeout 30 ssh timeout 5 console timeout 10


Can anyone help me ?

Reply to
Donatas Abraitis
Loading thread data ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.