Firewall Wizards mailing list archives

asa 5505 vpn ipsec l2l problem


From: Hrvoje Popovski <hrvoje () srce hr>
Date: Fri, 02 Oct 2009 14:09:11 +0200

hello everyone,

i have asa 5505 with Base license and 7.2.4 software.

Licensed features for this platform:
Maximum Physical Interfaces : 8
VLANs                       : 3, DMZ Restricted
Inside Hosts                : 10
Failover                    : Disabled
VPN-DES                     : Enabled
VPN-3DES-AES                : Enabled
VPN Peers                   : 10
WebVPN Peers                : 2
Dual ISPs                   : Disabled
VLAN Trunk Ports            : 0


i'm trying to create l2l ipsec tunnel reading manual on
http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/site2sit.html

and when i'm applying acl in crypto map
crypto map abcMap 1 match address acl
i'm getting this log:
Ignoring msg to mark SA with specified coordinates <abcMap, 1> dead

i don't have any debug messages (debug crypto ipsec 100)
googled it but haven't found any answer.

thank you for your answers!

acl
access-list acl extended permit tcp host 192.168.11.11 host 10.1.100.13 eq 4000
access-list acl extended permit tcp host 192.168.11.11 host 10.1.110.250 eq 4000
access-list acl extended permit tcp host 192.168.11.11 eq ftp host 10.1.100.105 eq ftp
access-list acl extended permit tcp host 192.168.11.11 host 10.1.100.105 eq ftp-data
access-list acl extended permit tcp host 192.168.11.12 host 10.1.100.13 eq 4000
access-list acl extended permit tcp host 192.168.11.12 host 10.1.110.250 eq 4000
access-list acl extended permit tcp host 192.168.11.12 host 10.1.100.105 eq ftp
access-list acl extended permit tcp host 192.168.11.12 host 10.1.100.105 eq ftp-data