Re: [c-nsp] ASA5520 to Pix can't bring up IPSEC L2L tunnel

2009-09-03 Thread Michael K. Smith - Adhost
ey ID: 0x9A96777D) > -Original Message- > From: Scott Granados [mailto:gsgrana...@comcast.net] > Sent: Thursday, September 03, 2009 12:09 PM > To: Michael K. Smith - Adhost > Cc: cisco-nsp@puck.nether.net > Subject: Re: [c-nsp] ASA5520 to Pix can't bring up IPSEC L2L tun

Re: [c-nsp] ASA5520 to Pix can't bring up IPSEC L2L tunnel

2009-09-03 Thread Scott Granados
er 03, 2009 10:57 AM Subject: RE: [c-nsp] ASA5520 to Pix can't bring up IPSEC L2L tunnel Hello Scott: That error is something not matching up in the Phase 1 portion. You should look at the ISAKMP values on both sides to make sure they match. Including, but not limited to, proposals, session

Re: [c-nsp] ASA5520 to Pix can't bring up IPSEC L2L tunnel

2009-09-03 Thread Ryan West
Scott, A pointer for your ACLs, wrap up your secured networks into two object-groups. For example: Object-group network internal Network-object 10.1.0.0 255.255.0.0 Network-object 10.1.0.0 255.255.0.0 . Object-group network ny_nets Network-object 10.18.14.0 255.255.255.0 Then craft yo

Re: [c-nsp] ASA5520 to Pix can't bring up IPSEC L2L tunnel

2009-09-03 Thread Michael K. Smith - Adhost
009 10:41 AM > To: Michael K. Smith - Adhost > Cc: cisco-nsp@puck.nether.net > Subject: Re: [c-nsp] ASA5520 to Pix can't bring up IPSEC L2L tunnel > > Hi Mike and others, still no love. I wanted to confirm I made the NAT > entries properly. I used the example on Cisco.com f

Re: [c-nsp] ASA5520 to Pix can't bring up IPSEC L2L tunnel

2009-09-03 Thread Scott Granados
x9A96777D) -Original Message- From: Scott Granados [mailto:gsgrana...@comcast.net] Sent: Wednesday, September 02, 2009 11:02 AM To: Michael K. Smith - Adhost; Ryan West; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] ASA5520 to Pix can't bring up IPSEC L2L tunnel Hi Michael, thanks but one t

Re: [c-nsp] ASA5520 to Pix can't bring up IPSEC L2L tunnel

2009-09-02 Thread Ryan West
From: "Michael K. Smith - Adhost" To: "Scott Granados" ; "Ryan West" ; Sent: Wednesday, September 02, 2009 10:33 AM Subject: RE: [c-nsp] ASA5520 to Pix can't bring up IPSEC L2L tunnel Hello Ryan: Without the no-nat on the ASA side it will try to NAT the

Re: [c-nsp] ASA5520 to Pix can't bring up IPSEC L2L tunnel

2009-09-02 Thread Scott Granados
l Message - From: "Michael K. Smith - Adhost" To: "Scott Granados" ; "Ryan West" ; Sent: Wednesday, September 02, 2009 10:33 AM Subject: RE: [c-nsp] ASA5520 to Pix can't bring up IPSEC L2L tunnel Hello Ryan: Without the no-nat on the ASA side it will tr

Re: [c-nsp] ASA5520 to Pix can't bring up IPSEC L2L tunnel

2009-09-02 Thread Michael K. Smith - Adhost
st" To: "Scott Granados" ; "Ryan West" ; Sent: Wednesday, September 02, 2009 10:33 AM Subject: RE: [c-nsp] ASA5520 to Pix can't bring up IPSEC L2L tunnel Hello Ryan: Without the no-nat on the ASA side it will try to NAT the traffic before putting it down the tunne

Re: [c-nsp] ASA5520 to Pix can't bring up IPSEC L2L tunnel

2009-09-02 Thread Scott Granados
"Scott Granados" ; "Ryan West" ; Sent: Wednesday, September 02, 2009 10:33 AM Subject: RE: [c-nsp] ASA5520 to Pix can't bring up IPSEC L2L tunnel Hello Ryan: Without the no-nat on the ASA side it will try to NAT the traffic before putting it down the tunnel. So, you're remo

Re: [c-nsp] ASA5520 to Pix can't bring up IPSEC L2L tunnel

2009-09-02 Thread Michael K. Smith - Adhost
From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Scott Granados Sent: Wednesday, September 02, 2009 9:45 AM To: Ryan West; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] ASA5520 to Pix can't bring up IPSEC L2L tunnel Hi, so right now my Pix in the field

Re: [c-nsp] ASA5520 to Pix can't bring up IPSEC L2L tunnel

2009-09-02 Thread Ryan West
her.net Subject: [c-nsp] ASA5520 to Pix can't bring up IPSEC L2L tunnel Hi, I have a Pix out in the field and an ASA5520 that I'm trying to configure to pass L2L traffic. I keep getting an error that says IKEV1 IP=a.b.c.d removing peer from peer table failed, no match ip=a.b.c.d unable t

Re: [c-nsp] ASA5520 to Pix can't bring up IPSEC L2L tunnel

2009-09-02 Thread Scott Granados
.0 access-list vpn-1 permit ip 10.18.15.0 255.255.255.192 10.11.0.0 255.255.0.0 Thanks Scott - Original Message - From: "Ryan West" To: "Scott Granados" ; Sent: Wednesday, September 02, 2009 6:15 AM Subject: RE: [c-nsp] ASA5520 to Pix can't bring up IPSEC L

[c-nsp] ASA5520 to Pix can't bring up IPSEC L2L tunnel

2009-09-01 Thread Scott Granados
Hi, I have a Pix out in the field and an ASA5520 that I'm trying to configure to pass L2L traffic. I keep getting an error that says IKEV1 IP=a.b.c.d removing peer from peer table failed, no match ip=a.b.c.d unable to remove peer table entry What am I doing wrong? Here are the important config