I am getting errors and unable to send traffic across my VPN tunnel. I am using a ASA 5505 and 5510. The 5505 is setup static with the 5510 dynamic. I am getting the following errors on the 5510 and getting similar errors on the 5505: Nov 21 [IKEv1]Group = DefaultL2LGroup, IP = xxx.xxx.xxx.xxx, Removing peer from correlator table failed, no match! Nov 21 [IKEv1]Group = DefaultL2LGroup, IP = xxx.xxx.xxx.xxx, QM FSM error (P2 struct &0xae2d6d70, mess id 0x9df74ed4) These are with just debugging at level 1 with ipsec and ikev1. Both ASA's are running code 8.4(2) and ASDM 6.4(5) 106. The SA is established: 5510# show crypto ikev1 sa IKEv1 SAs: Active SA: 1 Rekey SA: 0 (A tunnel will report 1 Active and 1 Rekey SA during rekey) Total IKE SA: 1 1 IKE Peer: xxx.xxx.xxx.xxx Type : L2L Role : responder Rekey : no State : MM_ACTIVE I am showing active tunnels in ipsec, ikev1, and isakmp stats. It may have something to do with NAT. You do not want VPN traffic to be NAT'd correct? Any ideas, help, and suggestions would be appreciated. Thank you. Attached is a example drawing.
... View more