Vpn Tunnel Error between ASA-5510 and Nortel CES2700D

Unanswered Question
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
ggilbert Mon, 03/12/2007 - 07:43
User Badges:
  • Cisco Employee,

Hi Nitin,

Thanks for attaching the configuration -

Taking a look at the crypto ACL "outside_20_cryptomap", you have two statements.

From the symptoms you are saying, it maybe that your NAT exemption might not be configured properly.

Looking at the Nat exemption ACL "inside_nat0_outbound" it does seem like you do not have the proper entry.

Please make sure that your encryption ACL entries are the exact replica of your NAT exemption entries.

In your case, your NAT exemption entry should be

access-list inside_nat0_outbound extended permit ip host X.X.X.131 host

access-list inside_nat0_outbound extended permit icmp host X.X.X.131 host

Let me know. Otherwise we might have to get some extensive debugging to figure out the issue.

Rate this post, if it helps.




This Discussion