nanog mailing list archives
Re: <Need Help - Cisco ASA 8.4.1 to Juniper SSG-550 6.2.0r1.0VPN Configuration>
From: Chris Russell <chris () nifry com>
Date: Sat, 09 Jul 2011 00:09:49 +0100
Sending 5, 100-byte ICMP Echos to 10.1.4.81, timeout is 2 seconds: IPSEC(crypto_map_check)-3: Looking for crypto map matching 5-tuple: Prot=1, saddr=10.20.1.2, sport=29733, daddr=10.1.4.81, dport=29733 IPSEC(crypto_map_check)-5: Checking crypto map CARIBOU-VPN-1 10:
skipping
incomplete map. No peer, access-list or transform-set specified. IPSEC(crypto_map_check)-1: Error: No crypto map matched.From my understanding this is caused by the crypto map not being able to establish a tunnel to the Juniper.
From that log, the Cisco is missing numerous configuration items: No peer, access-list or transform-set specified. Do you have the above specified in the crypto map within the ASA ? Cheers Chris
Current thread:
- <Need Help - Cisco ASA 8.4.1 to Juniper SSG-550 6.2.0r1.0VPN Configuration> Michael Ruiz (Jul 08)
- Re: <Need Help - Cisco ASA 8.4.1 to Juniper SSG-550 6.2.0r1.0VPN Configuration> Chris Russell (Jul 08)
- Re: <Need Help - Cisco ASA 8.4.1 to Juniper SSG-550 6.2.0r1.0VPN Configuration> Michael Ruiz (Jul 09)
- Re: <Need Help - Cisco ASA 8.4.1 to Juniper SSG-550 6.2.0r1.0VPN Configuration> Chris Russell (Jul 08)