Yes sir.

I called cisci tac and according to the asa team, the tunnel cannot be created 
because the juniper is not the session to be created due to some missmatches.
--------------------------
Sent using BlackBerry


----- Original Message -----
From: Chris Russell [mailto:ch...@nifry.com]
Sent: Friday, July 08, 2011 06:09 PM
To: Michael Ruiz
Cc: nanog@nanog.org <nanog@nanog.org>
Subject: Re: <Need Help - Cisco ASA 8.4.1 to Juniper SSG-550 6.2.0r1.0VPN 
Configuration>


> Sending 5, 100-byte ICMP Echos to 10.1.4.81, timeout is 2 seconds:
> IPSEC(crypto_map_check)-3: Looking for crypto map matching 5-tuple:
> Prot=1, saddr=10.20.1.2, sport=29733, daddr=10.1.4.81, dport=29733
> IPSEC(crypto_map_check)-5: Checking crypto map CARIBOU-VPN-1 10:
skipping
> incomplete map.  No peer, access-list or transform-set specified.
> IPSEC(crypto_map_check)-1: Error: No crypto map matched.
>
>>From my understanding this is caused by the crypto map not being able to
>>establish a tunnel to the Juniper.

 From that log, the Cisco is missing numerous configuration items:

No peer, access-list or transform-set specified.

 Do you have the above specified in the crypto map within the ASA ?

Cheers

Chris

CONFIDENTIALITY NOTICE: This message is intended only for the individual or 
entity to which it is addressed and may contain information that is 
confidential or exempt from disclosure under applicable law. If you are not the 
intended recipient, you have received this communication in error. In such 
case, please notify us immediately by reply e-mail and immediately delete this 
message and its attachments. Any use, dissemination, redistribution or 
reproduction of this communication is strictly prohibited. Unless the message 
explicitly states otherwise, no e-mail correspondence claims to be a 
contractual offer or acceptance. LST Financial has instructed its employees not 
to send libelous or inappropriate statements and disclaims responsibility for 
such. Subject to applicable law, LST Financial may monitor, review and retain 
e-communications traveling through its networks/systems. By messaging with LST 
Financial you consent to the foregoing.
CONFIDENTIALITY NOTICE: This message is intended only for the individual or 
entity to which it is addressed and may contain information that is 
confidential or exempt from disclosure under applicable law. If you are not the 
intended recipient, you have received this communication in error. In such 
case, please notify us immediately by reply e-mail and immediately delete this 
message and its attachments. Any use, dissemination, redistribution or 
reproduction of this communication is strictly prohibited. Unless the message 
explicitly states otherwise, no e-mail correspondence claims to be a 
contractual offer or acceptance. LST Financial has instructed its employees not 
to send libelous or inappropriate statements and disclaims responsibility for 
such. Subject to applicable law, LST Financial may monitor, review and retain 
e-communications traveling through its networks/systems. By messaging with LST 
Financial you consent to the foregoing.

Reply via email to