cisco PIX 501 crypto map error "WARNING: This crypto map is incomplete"

I wish to add a second VPN  tunnel, however when I issue the second crypto map settings the pix returns the following error:
 "WARNING: This crypto map is incomplete. To remedy the situation add a peer and a valid access-list to this crypto map".
 Note I have separate ACL lists for crypto maps and no-nat as I am aware of the issue regarding viewing and editing in the PDM software while using one access-list.
I have also tried issuing the following command to suspend the current tunnels while configuring "no crypto map transam interface outside", however to no avail.

Please can someone advise the correct way to issue multiple crypto maps?
The-ChiefAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JFrederick29Commented:
Add an additional sequence number to the existing crypto map.  You can only assign one crypto map to an interface.  You will always get that message when you are adding a crypto map based on the nature of applying the commands.

For example:

crypto map transam 100 match address 100
crypto map transam 100 set peer x.x.x.x
crypto map transam 100 set transform-set esp-3des-sha

crypto map transam 200 match address 200
crypto map transam 200 set peer y.y.y.y
crypto map transam 200 set transform-set esp-3des-sha

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
The-ChiefAuthor Commented:
Have tried that already, and everything looks ok after "show run" command.

However whenever I add a new crypto map and view the settings in the PDM gui under IPsec Rules, it reads (Null Rule) after the ip address.

Is this a bug with the PDM software?

Also as previously stated by JFrederick29: can the initial CLI warning message be ignored when adding additional crypto maps?
JFrederick29Commented:
Can you post the crypto map running-configuration?  Not to my knowledge that it can be ignored.
Cloud as a Security Delivery Platform for MSSPs

Every Managed Security Service Provider (MSSP) needs a platform to deliver effective and efficient security-as-a-service to their customers. Scale, elasticity and profitability are a few of the many features that a Cloud platform offers. View our on-demand webinar to learn more!

ricks_vCommented:
looks like you have not mentioned peer internet address on the config:
crypto map transam 100 set peer (x.x.x.x ) --> double check this
for acl issue, you can try this command
sysopt connection permit-ipsec   (to bypass acl for all ipsec traffic)
The-ChiefAuthor Commented:
Looks like there is a underlying problem with the settings for the second tunnel. .
I can t connect over the second tunnel on its own.
I ll have to sort this out first before attempting to connect 2 tunnels at once.
Thanks
The-ChiefAuthor Commented:
Thanks guys.
However I have a problem with the second tunnel settings so will have to sort that out first before attempting multiple ones.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Cisco

From novice to tech pro — start learning today.