Showing results for 
Search instead for 
Did you mean: 

VPN client Error: 433: (Reason Not Specified by Peer)

Hello everybody,

I'm having this error when i tried to connect to VPN server. I am totally sure that connection group and the user authentication are ok.

It seems to be a IKE phase 1 problem. The output of debug isakmp level 1 & debug crypto ipsec 1

ERROR: IKE failed trying to create a session manager entry

Removing peer from peer table failed, no match!

Error: Unable to remove PeerTblEntry

In addition i tried changing the isakmp policy, but the problem continues. NAT-T is enable and i tried in differents PC with the same result.

I attach the output of the debugs in level 1 & 10 and the asa config.

VPN client:

ASA5510 V.8.0(3)6

Thanks in advance.

José Luis

Rising star

Re: VPN client Error: 433: (Reason Not Specified by Peer)

You have 2 options I can see here, 1 is to go ahead and reboot the ASA and see how it goes, second is to go to 8.0.4 since your version ( seems to have tons of records of this issue.


VPN client Error: 433: (Reason Not Specified by Peer)

How are your users authenticating? Are you using the LOCAL user database on the Cisco ASA itself? Or are you using a AAA authentication server, such as IAS or LDAP?

In my particular case all my users were getting error 433. I was authenticating against a Microsoft LDAP server. I think the Logon DN path had some characters Cisco couldn't comprehend. I moved the Logon Account to a different OU and it fixed it. Here are the details.