Thursday, September 13, 2007

CISCO ASA 5510, 5505 VPN Removing peer from peer table failed, no match! Error

Symptom

When you try to connect CISCO VPN client you get this error in the log and it will not connect.

4 Sep 13 2007 11:05:12 713903 Group = DefaultRAGroup, IP = xxx.xxx.xxx.xxx, Error: Unable to remove PeerTblEntry

3 Sep 13 2007 11:05:12 713902 Group = DefaultRAGroup, IP = xxx.xxx.xxx.xxx, Removing peer from peer table failed, no match!

Possible Cause

This error message is misleading and leads you to beleive there is something really wrong about your configuration.

But it could simply mean that there is a mismatch, miss-spelling or missing entry the Group ID that is configured on the CISCO VPN client and the Group ID on the Tunnel Group setting.

I guess that the ASA is picking up the default group policy as it is not finding the correct one.

Solution

Check under the tunnel group in your running configuration.

tunnel-group type ipsec-ra

Go to the CISCO VPN client, go to the Authentication tab and the Name field must match what you used in
Post a Comment