daemon@ATHENA.MIT.EDU (Chris Russell)
Fri Jul 8 19:10:23 2011
Date: Sat, 09 Jul 2011 00:09:49 +0100
From: Chris Russell <chris@nifry.com>
To: Michael Ruiz <mruiz@lstfinancial.com>
In-Reply-To: <690D7D20D2507C44BA8066926B200989183496@ES1002.ic-sa.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
> Sending 5, 100-byte ICMP Echos to 10.1.4.81, timeout is 2 seconds:
> IPSEC(crypto_map_check)-3: Looking for crypto map matching 5-tuple:
> Prot=1, saddr=10.20.1.2, sport=29733, daddr=10.1.4.81, dport=29733
> IPSEC(crypto_map_check)-5: Checking crypto map CARIBOU-VPN-1 10:
skipping
> incomplete map. No peer, access-list or transform-set specified.
> IPSEC(crypto_map_check)-1: Error: No crypto map matched.
>
>>From my understanding this is caused by the crypto map not being able to
>>establish a tunnel to the Juniper.
From that log, the Cisco is missing numerous configuration items:
No peer, access-list or transform-set specified.
Do you have the above specified in the crypto map within the ASA ?
Cheers
Chris
