Site to site with an ASA5505 to a Linksys BEFVP41

Answered Question
Jun 30th, 2007
User Badges:

I'm trying to create a site-to-site connection between a ASA5505 and a Linksys BEFVP41. The remote site BEFVP41 connects but I can't get any traffic to the head-office network.

remote = 188.88.9.0 /24

headoffice = 188.88.8.0 /24


Config attached.



Correct Answer by ggilbert about 9 years 10 months ago

Hello,


Did you get this working. I looked at the config on the ASA and according to what you have stated, it seems that you want to encrypt between 188.88.8.0/24 to 188.88.9.0/24 - But your access-list for encryption states


access-list outside_60_cryptomap extended permit ip 188.88.8.0 255.255.255.0 host 207.216.215.135


This is going to encrypt traffic originating from 188.88.8.0/24 to the host 207.216.215.135


IS that what you want to do?


Is that how it is configured on the linksys side?


Thanks

Gilbert

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (5 ratings)
Loading.
Correct Answer
ggilbert Wed, 07/11/2007 - 08:33
User Badges:
  • Cisco Employee,

Hello,


Did you get this working. I looked at the config on the ASA and according to what you have stated, it seems that you want to encrypt between 188.88.8.0/24 to 188.88.9.0/24 - But your access-list for encryption states


access-list outside_60_cryptomap extended permit ip 188.88.8.0 255.255.255.0 host 207.216.215.135


This is going to encrypt traffic originating from 188.88.8.0/24 to the host 207.216.215.135


IS that what you want to do?


Is that how it is configured on the linksys side?


Thanks

Gilbert

bradarmitage Mon, 07/16/2007 - 12:21
User Badges:

Thanks for your reply Gilbert.

I haven't managed to get this going yet.


I do want to encrypt data between 188.88.8.0/24 and 188.88.9.0/24.

How would I go about making the change you suggest?


Thanks B4Hand,

Brad

acomiskey Mon, 07/16/2007 - 12:27
User Badges:
  • Green, 3000 points or more

Give gilbert credit for this one...


access-list outside_60_cryptomap extended permit ip 188.88.8.0 255.255.255.0 188.88.9.0 255.255.255.0


access-list inside_nat0_outbound extended permit ip 188.88.8.0 255.255.255.0 188.88.9.0 255.255.255.0




bradarmitage Mon, 07/16/2007 - 12:35
User Badges:

Thank-you ever so much for the quick response. I will hopefully get a chance to implement and test this later tonight.


Cheers,

Brad

bradarmitage Tue, 07/17/2007 - 06:09
User Badges:

I applied the suggested solution and it worked like a charm. Thank-you very much for the excellent information.


Cheers,

Brad

ggilbert Tue, 07/17/2007 - 06:15
User Badges:
  • Cisco Employee,

Adam,


Thanks and


Brad,


I am glad you got it to work.


Cheers,

Gilbert

Actions

This Discussion