unable to ping inside host L2L VPN..URGENT

Unanswered Question
Feb 15th, 2008


I have configured L2L von between ASA5520 and PIX525.Both end tunnel is active but unable to ping any inside host or peer IP.I have checked the access-list and its seems ok.

sh crypto isakmp sa (ASA550)

IKE Peer: x.x.x.x

Type : L2L Role : initiator

Rekey : no State : MM_ACTIVE

pdns1# sho crypto isakmp sa (PIX5525)

Total : 1

Embryonic : 0

dst src state pending created

x.x.x.x x.x.x.x QM_IDLE 0 1

Pls help me to slove the probllem

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
pdriscoll Fri, 02/15/2008 - 08:35

I suspect you have a NAT issue. Are you bypassing NAT for tunnel traffic?

Run "show ipsec sa" and see if you are getting packets encrypt and de-crypt on both sides of the tunnel.



This Discussion