Watch the case

I ran into a problem today rearding ASA configuration

There are 2 builtin VPN groups in the ASA: DefaultRAGroup and DefautlL2LGroup.

You can from the cli delete these but the will not disapear – they will only become invisible. This means that an incoming tunnel will still try to connect to the tunnelgroups. First to DefaultRAGroup and then to DefautlL2LGroup.

When I tried to “recreate” DefautlL2LGroup and set a pre-shared key I misspelled the groupname so it became DefaultL2Lgroup (note the g instead of G in Group). This meant that I had two groups: one called DefaultL2Lgroup with the correct psk and one called DefautlL2LGroup which was invisible.

It took some time before one of my collegues found this.

Comments

Leave a Reply

To respond on your own website, enter the URL of your response which should contain a link to this post's permalink URL. Your response will then appear (possibly after moderation) on this page. Want to update or remove your response? Update or delete your post and re-enter your post's URL again. (Find out more about Webmentions.)