[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Cisco PIX VPN Site-to-Site Error

Posted on 2006-04-26
3
Medium Priority
?
7,709 Views
Last Modified: 2011-08-18
Hello Everybody,

I have a problem with a vpn connection site to site.

On my pix i have these errors:

26-04-2006      10:03:49      Local7.Notice      pix      :Apr 26 10:03:49 CEDT: %PIX-vpn-5-713041: IP = 212.249.200.82, IKE Initiator: New Phase 1, Intf 5, IKE Peer 212.249.200.82  local Proxy
                                                                                                 Address  10.10.10.10, remote Proxy Address 172.16.32.0,  Crypto map (outside_map)
26-04-2006      10:03:49      Local7.Warning      pix      :Apr 26 10:03:49 CEDT: %PIX-vpn-4-713903: IP = 212.249.200.82, Header invalid, missing SA payload! (next payload = 4)
26-04-2006      10:03:49      Local7.Warning      pix      :Apr 26 10:03:49 CEDT: %PIX-vpn-4-713903: Group = 212.249.200.82, IP = 212.249.200.82, Can't find a valid tunnel group, aborting...!
26-04-2006      10:03:49      Local7.Error      pix      :Apr 26 10:03:49 CEDT: %PIX-vpn-3-713902: Group = 212.249.200.82, IP = 212.249.200.82, Removing peer from peer table failed, no match!
26-04-2006      10:03:49      Local7.Warning      pix      :Apr 26 10:03:49 CEDT: %PIX-vpn-4-713903: Group = 212.249.200.82, IP = 212.249.200.82, Error: Unable to remove PeerTblEntry

We broke down the tunnel on my side and my partnair side and rebuild the tunnel and I get the same error.

Can somebody help me please?!

Thanks in advance.

SDA
0
Comment
Question by:sungardit
  • 2
3 Comments
 
LVL 9

Accepted Solution

by:
stressedout2004 earned 750 total points
ID: 16546072
From the debugs, I see this: "Can't find a valid tunnel group, aborting". Could be a misconfiguration on the tunnel group.
Is this PIX to PIX?  Can you sanitized your configuration and post it. We need to double check it.
0
 

Author Comment

by:sungardit
ID: 16550508
Hi Stressedout ;-)

You are right found a misconfiguration on the tunnel group and correct it
Now I only have the error:
3|Apr 27 2006 08:33:26|713902: IP = 212.249.200.82, Removing peer from peer table failed, no match!

No, it isn't a PIX to PIX but a PIX to Astaro connection.

Thanks for your help.

SDA

0
 

Author Comment

by:sungardit
ID: 16551795
Just to inform you that I solved the problem.

It was on the remote side, they change a configuration and you know they didn't inform me.

Anyways, thanks for your help.


Regards,
SDA
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've had to do a bit of research to setup my VPN connection so that Clients can access Windows Server 2008 network shares.  I have a Cisco ASA 5510 firewall.  I found an article which was extremely useful: It had a solution if you use ASDM to config…
If you use NetMotion Mobility on your PC and plan to upgrade to Windows 10, it may not work unless you take these steps.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question