L2L VPN to ASA 5510 via a router

a.macready
Level 1

We have a remote site with only 1 public IP address. This has been assigned to the outside interface on the router, and that redirects traffic on a port-by-port basis to the ASA 5510 firewall.

I have created an L2L VPN from a Symantec security firewall to the ASA firewall; however, I have used the public IP address of the router as one peer address and the Symantec firewall as the other peer address. Then I am port redirecting 50 & 51 for IKE and port 500 IPSEC on the router to the ASA device.

However, we can't see a tunnel - can someone please offer any advice on what else I need to do to get the tunnel working?

! Identity NAT: traffic matching this ACL is exempt from translation
access-list Internal_nat0_outbound extended permit ip Internal-Network 255.255.255.0 X.X.X.X 255.255.255.0
nat (Internal) 0 access-list Internal_nat0_outbound
! Interesting traffic for the tunnel (same hosts as the NAT exemption)
access-list External_cryptomap_20 extended permit ip Internal-Network 255.255.255.0 X.X.X.X 255.255.255.0
! Phase 2 proposal
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
! Crypto map entry; X.X.X.X is the public address of the remote (Symantec) firewall
crypto map External_map 20 match address External_cryptomap_20
crypto map External_map 20 set peer X.X.X.X
crypto map External_map 20 set transform-set ESP-3DES-SHA
crypto map External_map interface External
! Phase 1 (ISAKMP) settings
isakmp enable External
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption 3des
isakmp policy 10 hash sha
isakmp policy 10 group 1
isakmp policy 10 lifetime 86400
! Tunnel group keyed on the remote peer address; key value omitted from the post
tunnel-group X.X.X.X type ipsec-l2l
tunnel-group X.X.X.X ipsec-attributes
 pre-shared-key
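As an added example (not part of the original post or Cisco's own tooling), the check below compares a NAT router's forwarding rules against what an IPsec site-to-site tunnel actually needs to reach a firewall behind it. The protocol facts it relies on are standard: IKE/ISAKMP runs over UDP port 500, NAT traversal (NAT-T) uses UDP port 4500, ESP is IP protocol 50 and AH is IP protocol 51, so the last two are not TCP/UDP ports and cannot be expressed as port forwards. The `ForwardRule` shape, the inside address 192.168.1.2 and both rule sets are constructed for the example.

```python
"""Check NAT-router forwarding rules against what an IPsec site-to-site tunnel needs.

Added example, not from the thread. Protocol facts used here:
  IKE/ISAKMP   UDP port 500
  NAT-T        UDP port 4500 (IKE and ESP encapsulated in UDP once NAT is detected)
  ESP          IP protocol 50 (no port number)
  AH           IP protocol 51 (no port number)
"""
from dataclasses import dataclass
from typing import List, Optional

# Constructed: the ASA's outside address on the router's inside network.
ASA_ADDR = "192.168.1.2"


@dataclass(frozen=True)
class ForwardRule:
    proto: str            # "udp", "tcp", "esp", "ah", or an IP protocol number as a string
    port: Optional[int]   # None for protocols that have no port (ESP, AH)
    dest: str             # inside host the router forwards to


PROTO_ALIASES = {"50": "esp", "51": "ah", "17": "udp", "6": "tcp"}


def normalize_proto(proto: str) -> str:
    """Map numeric protocol identifiers onto their names so rules compare uniformly."""
    p = proto.strip().lower()
    return PROTO_ALIASES.get(p, p)


def forwards_to(rules: List[ForwardRule], proto: str, port: Optional[int], dest: str) -> bool:
    """True if some rule forwards exactly this protocol/port to dest."""
    return any(normalize_proto(r.proto) == proto and r.port == port and r.dest == dest
               for r in rules)


def check_ipsec_forwarding(rules: List[ForwardRule], asa_addr: str) -> List[str]:
    """Return a list of problems; an empty list means IKE and the data plane both reach the ASA."""
    problems = []
    if not forwards_to(rules, "udp", 500, asa_addr):
        problems.append("IKE/ISAKMP (UDP 500) is not forwarded to the ASA")
    # Encrypted traffic needs either raw ESP passed through or NAT-T (UDP 4500).
    has_esp = forwards_to(rules, "esp", None, asa_addr)
    has_natt = forwards_to(rules, "udp", 4500, asa_addr)
    if not (has_esp or has_natt):
        problems.append("neither ESP (IP protocol 50) nor NAT-T (UDP 4500) is forwarded to the ASA")
    # TCP/UDP "port 50/51" rules are a common slip: ESP and AH are IP protocols, not ports.
    for r in rules:
        if normalize_proto(r.proto) in ("tcp", "udp") and r.port in (50, 51):
            problems.append(f"{r.proto}/{r.port} forward does nothing for IPsec; "
                            f"ESP/AH are IP protocol numbers, not ports")
    return problems


# Constructed rule set: UDP 500 and an ESP pass-through both pointing at the ASA.
WORKING_RULES = [
    ForwardRule("udp", 500, ASA_ADDR),
    ForwardRule("esp", None, ASA_ADDR),
]

# Constructed rule set: the right numbers, but entered as UDP ports.
PORT_CONFUSED_RULES = [
    ForwardRule("udp", 50, ASA_ADDR),
    ForwardRule("udp", 51, ASA_ADDR),
    ForwardRule("udp", 500, ASA_ADDR),
]

if __name__ == "__main__":
    for name, rules in (("working", WORKING_RULES), ("port-confused", PORT_CONFUSED_RULES)):
        print(name, check_ipsec_forwarding(rules, ASA_ADDR) or ["ok"])
```

The second rule set passes IKE but leaves no path for the encrypted packets: the router is forwarding UDP ports 50 and 51, which no IPsec peer ever sends to, instead of passing IP protocol 50 or UDP 4500. Whether the router can forward a raw IP protocol depends on the platform; where it cannot, NAT-T on UDP 4500 is the alternative, and both peers must support it.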

3 Replies

sbilgi
Level 5

If there is no indication that an IPSec VPN tunnel comes up at all, it possibly is due to the fact that ISAKMP has not been enabled. Be sure that you have enabled ISAKMP on your devices.

michaeltedeschi
Level 1

Run debug crypto ipsec and isakmp. Do you see the tunnel trying to set up?

Run the commands,

deb cry isa 200

deb cry ipsec 200

On the ASA and send the output. We can check to see where the problem might be.

Thanks

Gilbert
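Both replies come down to checking the ASA side before reading debugs: is ISAKMP enabled on the right interface, and do the crypto map, ACL, transform-set and tunnel-group all point at each other? As an added example (not from the thread and not a Cisco tool), the lint below parses the statement types used in the posted configuration and reports dangling references. The sample configuration is constructed to mirror the post, with 203.0.113.10 (a documentation-range address) standing in for the remote firewall's public IP and `*****` for the redacted key; a bare `pre-shared-key` line with no value, as in the post, is reported as missing.

```python
"""Cross-reference lint for an ASA 7.x-style IPsec L2L crypto configuration.

Added example, not from the thread. Reports: a crypto map entry whose ACL or
transform-set is undefined, a peer with no ipsec-l2l tunnel-group or no
pre-shared key, a crypto map not bound to an interface, ISAKMP not enabled on
the bound interface, a nat 0 statement naming an undefined ACL, and no ISAKMP
policy at all.
"""
from collections import defaultdict
from typing import Dict, List

# Constructed sample modelled on the posted config (203.0.113.10 = remote peer).
SAMPLE_CONFIG = """\
access-list Internal_nat0_outbound extended permit ip 192.168.1.0 255.255.255.0 10.20.30.0 255.255.255.0
access-list External_cryptomap_20 extended permit ip 192.168.1.0 255.255.255.0 10.20.30.0 255.255.255.0
nat (Internal) 0 access-list Internal_nat0_outbound
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto map External_map 20 match address External_cryptomap_20
crypto map External_map 20 set peer 203.0.113.10
crypto map External_map 20 set transform-set ESP-3DES-SHA
crypto map External_map interface External
isakmp enable External
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption 3des
isakmp policy 10 hash sha
isakmp policy 10 group 1
isakmp policy 10 lifetime 86400
tunnel-group 203.0.113.10 type ipsec-l2l
tunnel-group 203.0.113.10 ipsec-attributes
 pre-shared-key *****
"""


def parse_asa(text: str) -> Dict:
    """Collect the objects and references the lint needs from running-config text."""
    cfg = {"acls": set(), "transform_sets": set(), "isakmp_enabled": set(),
           "isakmp_policies": set(), "map_iface": {}, "entries": defaultdict(dict),
           "tunnel_groups": {}, "nat0_acls": set()}
    current_tg = None  # tunnel-group whose ipsec-attributes sub-mode we are in
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("!"):
            continue
        toks = line.split()
        if line.startswith(" "):  # indented: sub-mode command
            if current_tg and toks[0] == "pre-shared-key":
                cfg["tunnel_groups"][current_tg]["psk"] = len(toks) > 1
            continue
        current_tg = None  # any top-level line leaves the sub-mode
        if toks[0] == "access-list":
            cfg["acls"].add(toks[1])
        elif toks[0] == "nat" and "access-list" in toks:
            cfg["nat0_acls"].add(toks[toks.index("access-list") + 1])
        elif toks[:3] == ["crypto", "ipsec", "transform-set"]:
            cfg["transform_sets"].add(toks[3])
        elif toks[:2] == ["crypto", "map"]:
            if toks[3] == "interface":
                cfg["map_iface"][toks[2]] = toks[4]
            else:
                entry = cfg["entries"][(toks[2], toks[3])]
                if toks[4:6] == ["match", "address"]:
                    entry["acl"] = toks[6]
                elif toks[4:6] == ["set", "peer"]:
                    entry["peer"] = toks[6]
                elif toks[4:6] == ["set", "transform-set"]:
                    entry["ts"] = toks[6]
        elif toks[:2] == ["isakmp", "enable"]:
            cfg["isakmp_enabled"].add(toks[2])
        elif toks[:2] == ["isakmp", "policy"]:
            cfg["isakmp_policies"].add(toks[2])
        elif toks[0] == "tunnel-group":
            tg = cfg["tunnel_groups"].setdefault(toks[1], {"type": None, "psk": False})
            if toks[2] == "type":
                tg["type"] = toks[3]
            elif toks[2] == "ipsec-attributes":
                current_tg = toks[1]
    return cfg


def lint(text: str) -> List[str]:
    """Return human-readable findings; an empty list means every reference resolves."""
    cfg = parse_asa(text)
    findings = []
    for acl in sorted(cfg["nat0_acls"] - cfg["acls"]):
        findings.append(f"nat 0 references undefined access-list {acl}")
    for (mapname, seq), e in sorted(cfg["entries"].items()):
        where = f"crypto map {mapname} {seq}"
        if e.get("acl") not in cfg["acls"]:
            findings.append(f"{where}: match address {e.get('acl')} is undefined")
        if e.get("ts") not in cfg["transform_sets"]:
            findings.append(f"{where}: transform-set {e.get('ts')} is undefined")
        peer = e.get("peer")
        tg = cfg["tunnel_groups"].get(peer)
        if tg is None or tg["type"] != "ipsec-l2l":
            findings.append(f"{where}: peer {peer} has no ipsec-l2l tunnel-group")
        elif not tg["psk"]:
            findings.append(f"{where}: tunnel-group {peer} has no pre-shared-key set")
        iface = cfg["map_iface"].get(mapname)
        if iface is None:
            findings.append(f"{where}: crypto map {mapname} is not applied to an interface")
        elif iface not in cfg["isakmp_enabled"]:
            findings.append(f"{where}: isakmp is not enabled on interface {iface}")
    if not cfg["isakmp_policies"]:
        findings.append("no isakmp policy defined")
    return findings


if __name__ == "__main__":
    for finding in lint(SAMPLE_CONFIG) or ["no findings"]:
        print(finding)
```

Run against the sample as written it reports nothing; delete the `isakmp enable External` line and it reports exactly the condition sbilgi's reply asks about. A clean lint only proves the configuration is self-consistent, so the `debug crypto isakmp` / `debug crypto ipsec` output Gilbert asks for is still what shows whether the peer's proposals ever arrive and match.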