Brand new Cisco ASA 5510, config was supposedly copied over from an existing PIX. However none of the branch office IPSEC VPN connections work. Pre-shared key is the same. Here are errors shown in the ASDM Syslog:
Group =216.9.xxx.xxx, IP=216.9.xxx.xxx, Error: Unable to remove PeerTblEntry
Group =216.9.xxx.xxx, IP=216.9.xxx.xxx, Removing peer from peer table failed, no match!
Group =216.9.xxx.xxx, IP=216.9.xxx.xxx, sending delete/delete with reason message
Group =216.9.xxx.xxx, IP=216.9.xxx.xxx, IKE SA MM:d7f09a03 terminating: flags 0x1000002, refcnt 0, tuncnt 0
Group =216.9.xxx.xxx, IP=216.9.xxx.xxx, IKE MM Responder FSM error history (struct &0x8bd5c38) <state>, <event>: MM_DONE, EV_ERROR-->MM_B...
Group =216.9.xxx.xxx, IP=216.9.xxx.xxx, Can't find a valid tunnel group, aborting...!
where 216.9.xxx.xxx = one of our remote sites IP address (I masked it with x's in this posting for security).
Our branch offices use LinkSys BEFSX41 SOHO VPN routers. They work fine with the PIX. For obvious reasons, we're not yet using our new ASA...this has stumped our IT services provider who seems to be more inadequate with each passing hour.
For more background on this problem, see:
http://www.experts-exchange.com/Hardware/Networking_Hardware/Firewalls/Q_22605386.htmlPlease help!
Thanks,
David
Start Free Trial
