Re: VPN between 2 ASA; Tunnel UP, No traffic

Mahmoud Aziz · ‎01-05-2011

Hello Experts ,

I have built a VPN connection between two ASAs, useing the (VPN wizard), then I got this error message while sending the commands to one of the Units:

[ERROR] crypto map outside_map 40 set peer X.X.X.X

Multiple Peers can be specified only with originate-only connections

Note: I have another VPN tunnel on that ASA which is working fine, there is no overlapping in the crypto maps...

then I pressed Close and the tunnel went up, the 2 phases, but no trrafic is going through it..

on both ASAs, I can see in the log that internal clients is trying to reach the other clients (Ping, Telnet, ...) with the internal IPs (10.1.x.x and 192.168.x.x) which means that the VPN tunnel is correctly UP and the NAT-Exempt is doing its job..

one more thing, the log in the Home page in my ASDM is hanged and not showing any more logs, what do you think?

any suggestions?

what to check?

Best regards and many thanks in advance...

cadet alain · ‎01-05-2011

Hi,

do these commands and post result:

ping or telnet from one subnet to the other and then:

sh crypto is sa

sh crypto ipsec sa

Regards.

Alain.

Don't forget to rate helpful posts.

Mahmoud Aziz · ‎01-06-2011

Hi Alain,

Really appriciating your effort to help, but it is solved!!!

there was nothing wrong with the tunnel or the VPN configuration, it was a miss in routing on the other side

there was no default route on the switch, the technical guy there solve it..

but still dont understand that ERROR message, what dose it mean ?!

Thanksssss, Solvedddddddd