Thursday, November 19, 2015

Cisco ASA: "Removing peer from peer table failed, no match!" For VPN

My customer says that the VPN to a certain customer of theirs is down on the ASA.  Nothing change on our side.  So the obvious answer is that something changed on their side.  So I get him to run a constant ping to the remote side network where he is trying to get to.  But, I see the below message when doing a "show cryp isa"

6   IKE Peer: 4.2.26.166
    Type    : user            Role    : initiator
    Rekey   : no              State   : MM_WAIT_MSG2

I also see this in the logs:

Nov 09 11:02:44 [IKEv1]: IP = 4.2.26.166, Removing peer from peer table failed, no match!
Nov 09 11:02:44 [IKEv1]: IP = 4.2.26.166, Error: Unable to remove PeerTblEntry

As it turns out, their Internet connection is down.  When it came back up, so did the VPN.

No comments:

Post a Comment

Your comment will be reviewed for approval. Thank you for submitting your comments.