I have configured a site to site vpn using a hub and spoke topology with 4 sites. A tunnel is succesfully established between the hub and each of the hub sites individually. The problem is I receive the following error message when the second tunnel is established. IPSEC validate_transform_proposal):

peer address 24.x.x.114 not found.

It seems as though the tunnel establishes fine though.

Site A:

access-list 120 permit ip 10.0.1.0 255.255.255.0 10.0.2.0 255.255.255.0

access-list 130 permit ip 10.0.1.0 255.255.255.0 10.0.3.0 255.255.255.0

access-list 140 permit ip 10.0.1.0 255.255.255.0 10.0.4.0 255.255.255.0

access-list 100 permit ip 10.0.1.0 255.255.255.0 10.0.2.0 255.255.255.0

access-list 100 permit ip 10.0.1.0 255.255.255.0 10.0.3.0 255.255.255.0

access-list 100 permit ip 10.0.1.0 255.255.255.0 10.0.4.0 255.255.255.0

nat (inside) 0 access-list 100

sysopt connection permit-ipsec

crypto ipsec transform-set strong esp-des esp-sha-hmac

crypto map advtax 20 ipsec-isakmp

crypto map advtax 20 match address 120

crypto map advtax 20 set peer 70.178.bbb.bbb

crypto map advtax 20 set transform-set strong

crypto ipsec transform-set strong esp-des esp-sha-hmac

crypto map advtax 30 ipsec-isakmp

crypto map advtax 30 match address 130

crypto map advtax 30 set peer 24.153.ccc.ccc

crypto map advtax 30 set transform-set strong

crypto ipsec transform-set strong esp-des esp-sha-hmac

crypto map advtax 40 ipsec-isakmp

crypto map advtax 40 match address 140

crypto map advtax 40 set peer 24.153.ddd.ddd

crypto map advtax 40 set transform-set strong

crypto map advtax interface outside

isakmp enable outside

isakmp key xxxxx address 70.178.bbb.bbb netmask 255.255.255.255

isakmp key xxxxx address 24.153.ccc.ccc netmask 255.255.255.255

isakmp key xxxxx address 24.153.ddd.ddd netmask 255.255.255.255

isakmp identity address

isakmp nat-traversal 20

isakmp policy 8 authentication pre-share

isakmp policy 8 encryption des

isakmp policy 8 hash sha

isakmp policy 8 group 1

isakmp policy 8 lifetime 86400

Site B:

access-list 110 permit ip 10.0.2.0 255.255.255.0 10.0.1.0 255.255.255.0

access-list 100 permit ip 10.0.2.0 255.255.255.0 10.0.1.0 255.255.255.0

nat (inside) 0 access-list 100

sysopt connection permit-ipsec

management-access inside

crypto ipsec transform-set strong esp-des esp-sha-hmac

crypto map advtax 10 ipsec-isakmp

crypto map advtax 10 match address 110

crypto map advtax 10 set peer 24.153.aaa.aaa

crypto map advtax 10 set transform-set strong

crypto map advtax interface outside

isakmp enable outside

isakmp key xxxxx address 24.153.aaa.aaa netmask 255.255.255.255

isakmp identity address

isakmp nat-traversal 20

isakmp policy 8 authentication pre-share

isakmp policy 8 encryption des

isakmp policy 8 hash sha

isakmp policy 8 group 1

isakmp policy 8 lifetime 86400

Sites C and D are the same as "B" with the exception of the access-lists.

Thanks,

Brian