01-09-2013 03:31 AM - edited 02-21-2020 06:36 PM
hy there
I configured an IPsec tunnel but I have an error to connect.
this is my configuration and the error i got is this
4 | Jan 09 2013 | 00:53:00 | 713903 | Group = CON_trabajadores, IP = 81.43.96.53, Error: Unable to remove PeerTblEntry |
4Jan 09 2013 | 00:53:06 | 713902 | Group = CON_trabajadores, IP = 81.43.96.53, Removing peer from peer table failed, no match! |
access-list split_tunel_CON_trabajadores remark conexionIPsec
access-list split_tunel_CON_trabajadores standard permit 192.168.54.0 255.255.255.0
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map 1 match address outside_1_cryptomap
crypto map outside_map 1 set peer 201.238.197.253
crypto map outside_map 1 set transform-set ESP-DES-MD5
crypto map outside_map 1 set nat-t-disable
crypto map outside_map 2 match address outside_2_cryptomap
crypto map outside_map 2 set peer 190.41.143.165
crypto map outside_map 2 set transform-set ESP-DES-MD5
crypto map outside_map 2 set nat-t-disable
crypto map outside_map 3 match address outside_3_cryptomap
crypto map outside_map 3 set peer 200.59.12.152
crypto map outside_map 3 set transform-set ESP-DES-MD5
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption des
hash md5
group 1
lifetime 86400
ip local pool AccesoRemoto
group-policy CON_trabajadores internal
group-policy CON_trabajadores attributes
dns-server value DNS-SERVER
vpn-tunnel-protocol IPSec
split-tunnel -policy tunnelspecified
split-tunnel-network-list value split_tunnel_CON_trabajadores
split-dns value DNS-SERVER
adress-pools value AccesoRemoto
tunnel-group CON_trabajadores type remote-access
tunnel-group CON_trabajadores general-attributes
address-pool AccesoRemoto
authentication-server-group NPS (with radius pointing to an AD)
default-group-policy CON_trabajadores
tunnel-group CON_trabajadores ipsec-attributes
pre-shared-key *******
isakmp keepalive disable
group-policy CON_trabajadores attributes
group-lock value CON_trabajadores
Solved! Go to Solution.