URL: https://www.opennet.me/cgi-bin/openforum/vsluhboard.cgi
Форум: vsluhforumID6
Нить номер: 19348
[ Назад ]

Исходное сообщение
"не работает l2l ASA5510 - ASA5505"
Отправлено alex_nvart , 24-Июл-09 17:49

одна ASA переехала на новый айпишник, соответственно на второй в crypto maps поменял peer, но тунель не поднялся. Не могу понять в чем проблема, подскажите плиз кто сталкивался с таким.
debug crypto isakmp (переехавшей ASA):
Jul 24 17:44:48 [IKEv1]: IP = 89.255.74.38, Removing peer from peer table failed, no match!
Jul 24 17:44:48 [IKEv1]: IP = 89.255.74.38, Error: Unable to remove PeerTblEntry
Jul 24 17:44:48 [IKEv1]: Group = 89.255.74.38, IP = 89.255.74.38, Information Exchange processing failed
Jul 24 17:44:50 [IKEv1]: Group = 89.255.74.38, IP = 89.255.74.38, Information Exchange processing failed
Jul 24 17:44:55 [IKEv1]: Group = 89.255.74.38, IP = 89.255.74.38, Information Exchange processing failed
Jul 24 17:44:56 [IKEv1]: Group = 89.255.74.38, IP = 89.255.74.38, Information Exchange processing failed
Jul 24 17:44:58 [IKEv1]: Group = 89.255.74.38, IP = 89.255.74.38, Information Exchange processing failed
Jul 24 17:45:03 [IKEv1]: Group = 89.255.74.38, IP = 89.255.74.38, Removing peer from peer table failed, no match!
Jul 24 17:45:03 [IKEv1]: Group = 89.255.74.38, IP = 89.255.74.38, Error: Unable to remove PeerTblEntry
Jul 24 17:45:04 [IKEv1]: Group = 89.255.74.38, IP = 89.255.74.38, Removing peer from peer table failed, no match!
Jul 24 17:45:04 [IKEv1]: Group = 89.255.74.38, IP = 89.255.74.38, Error: Unable to remove PeerTblEntry
Jul 24 17:45:06 [IKEv1]: Group = 89.255.74.38, IP = 89.255.74.38, Removing peer from peer table failed, no match!
Jul 24 17:45:06 [IKEv1]: Group = 89.255.74.38, IP = 89.255.74.38, Error: Unable to remove PeerTblEntry

debug crypto isakmp (непереехавшей ASA):
Jul 24 17:46:17 [IKEv1]: Group = 82.204.240.46, IP = 82.204.240.46, Error: Unable to remove PeerTblEntry
Jul 24 17:46:25 [IKEv1]: IP = 82.204.240.46, Header invalid, missing SA payload! (next payload = 4)
Jul 24 17:46:33 [IKEv1]: IP = 82.204.240.46, Header invalid, missing SA payload! (next payload = 4)
Jul 24 17:46:41 [IKEv1]: IP = 82.204.240.46, Header invalid, missing SA payload! (next payload = 4)
Jul 24 17:46:50 [IKEv1]: Group = 82.204.240.46, IP = 82.204.240.46, Can't find a valid tunnel group, aborting...!
Jul 24 17:46:50 [IKEv1]: Group = 82.204.240.46, IP = 82.204.240.46, Removing peer from peer table failed, no match!
Jul 24 17:46:50 [IKEv1]: Group = 82.204.240.46, IP = 82.204.240.46, Error: Unable to remove PeerTblEntry
Jul 24 17:46:58 [IKEv1]: IP = 82.204.240.46, Header invalid, missing SA payload! (next payload = 4)
Jul 24 17:47:06 [IKEv1]: IP = 82.204.240.46, Header invalid, missing SA payload! (next payload = 4)
Jul 24 17:47:14 [IKEv1]: IP = 82.204.240.46, Header invalid, missing SA payload! (next payload = 4)
Jul 24 17:47:23 [IKEv1]: Group = 82.204.240.46, IP = 82.204.240.46, Can't find a valid tunnel group, aborting...!
Jul 24 17:47:23 [IKEv1]: Group = 82.204.240.46, IP = 82.204.240.46, Removing peer from peer table failed, no match!
Jul 24 17:47:23 [IKEv1]: Group = 82.204.240.46, IP = 82.204.240.46, Error: Unable to remove PeerTblEntry
Jul 24 17:47:31 [IKEv1]: IP = 82.204.240.46, Header invalid, missing SA payload! (next payload = 4)
Jul 24 17:47:39 [IKEv1]: IP = 82.204.240.46, Header invalid, missing SA payload! (next payload = 4)

Содержание

не работает l2l ASA5510 - ASA5505,del23, 16:24 , 28-Июл-09

Сообщения в этом обсуждении

"не работает l2l ASA5510 - ASA5505"
Отправлено del23 , 28-Июл-09 16:24

Конфиг покажи..
и за одно глянь не забыл ли ты ISAKMP key прописать для нового IP.