
ASA 5505 l2l Tunnel - Reset Local Ident

Asked by scottmellmo
Topics: Hardware Firewalls, Internet Protocol Security, Cisco
After reconfiguring an l2l tunnel between two ASA 5505s, the local identity on peer A is incorrect and is configured as the old identity. This is also true on peer 2: it sees peer A with the incorrect identity.

Peer A: sh crypto ipsec sa peer 171.x.x.x

      local ident (addr/mask/prot/port): (192.168.100.0/255.255.255.0/0/0)
      remote ident (addr/mask/prot/port): (x.x.x.x/255.255.255.0/0/0)
      current_peer: 171.x.x.x

should be

      local ident (addr/mask/prot/port): (10.10.1.0/255.255.255.0/0/0)
      remote ident (addr/mask/prot/port): (x.x.x.x/255.255.255.0/0/0)
      current_peer: 171.x.x.x


Is there a way to reset the identity, preferably without rebooting the ASAs?
ASKER CERTIFIED SOLUTION
scottmellmo