Site to site with an ASA5505 to a Linksys BEFVP41

Answered Question
Jun 30th, 2007

I'm trying to create a site-to-site connection between a ASA5505 and a Linksys BEFVP41. The remote site BEFVP41 connects but I can't get any traffic to the head-office network.

remote = 188.88.9.0 /24

headoffice = 188.88.8.0 /24

Config attached.

I have this problem too.
0 votes
Correct Answer by ggilbert about 9 years 6 months ago

Hello,

Did you get this working. I looked at the config on the ASA and according to what you have stated, it seems that you want to encrypt between 188.88.8.0/24 to 188.88.9.0/24 - But your access-list for encryption states

access-list outside_60_cryptomap extended permit ip 188.88.8.0 255.255.255.0 host 207.216.215.135

This is going to encrypt traffic originating from 188.88.8.0/24 to the host 207.216.215.135

IS that what you want to do?

Is that how it is configured on the linksys side?

Thanks

Gilbert

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (5 ratings)
Loading.
Correct Answer
ggilbert Wed, 07/11/2007 - 08:33

Hello,

Did you get this working. I looked at the config on the ASA and according to what you have stated, it seems that you want to encrypt between 188.88.8.0/24 to 188.88.9.0/24 - But your access-list for encryption states

access-list outside_60_cryptomap extended permit ip 188.88.8.0 255.255.255.0 host 207.216.215.135

This is going to encrypt traffic originating from 188.88.8.0/24 to the host 207.216.215.135

IS that what you want to do?

Is that how it is configured on the linksys side?

Thanks

Gilbert

bradarmitage Mon, 07/16/2007 - 12:21

Thanks for your reply Gilbert.

I haven't managed to get this going yet.

I do want to encrypt data between 188.88.8.0/24 and 188.88.9.0/24.

How would I go about making the change you suggest?

Thanks B4Hand,

Brad

acomiskey Mon, 07/16/2007 - 12:27

Give gilbert credit for this one...

access-list outside_60_cryptomap extended permit ip 188.88.8.0 255.255.255.0 188.88.9.0 255.255.255.0

access-list inside_nat0_outbound extended permit ip 188.88.8.0 255.255.255.0 188.88.9.0 255.255.255.0

bradarmitage Mon, 07/16/2007 - 12:35

Thank-you ever so much for the quick response. I will hopefully get a chance to implement and test this later tonight.

Cheers,

Brad

bradarmitage Tue, 07/17/2007 - 06:09

I applied the suggested solution and it worked like a charm. Thank-you very much for the excellent information.

Cheers,

Brad

ggilbert Tue, 07/17/2007 - 06:15

Adam,

Thanks and

Brad,

I am glad you got it to work.

Cheers,

Gilbert

Actions

This Discussion