unable to ping on VPN Tunnel

Unanswered Question
Jan 9th, 2008

VPN tunnel is established. But, I can't ping from Host-A behind ASA-A to Host-B behind ASA-B and vice versa ...

sh crypto isakmp sa

Active SA: 1

Rekey SA: 0 (A tunnel will report 1 Active and 1 Rekey SA during rekey)

Total IKE SA: 1

access-list outside_1_cryptomap extended permit ip 10.10.1.0 255.255.255.0 192.168.2.0 255.255.255.0

access-list inside_nat0_outbound extended permit ip 10.10.1.0 255.255.255.0 192.168.2.0 255.255.255.0

access-list outside extended permit icmp any any

access-list outside extended permit icmp any interface outside echo-reply

access-list outside extended permit icmp any interface outside unreachable

access-list outside extended permit icmp any interface outside time-exceeded

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
srue Wed, 01/09/2008 - 21:09

does regular data traffic traverse the tunnel alright?

have you enabled the 'sysopt connection permit-vpn' command, if only for testing purposes, to see if that worked?

Actions

This Discussion