Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
368
Views
0
Helpful
1
Replies

unable to ping inside host L2L VPN..URGENT

somnath21
Level 1
Level 1

‎02-15-2008 12:49 AM - edited ‎02-21-2020 03:33 PM

hi,

I have configured L2L von between ASA5520 and PIX525.Both end tunnel is active but unable to ping any inside host or peer IP.I have checked the access-list and its seems ok.

sh crypto isakmp sa (ASA550)

IKE Peer: x.x.x.x

Type : L2L Role : initiator

Rekey : no State : MM_ACTIVE

pdns1# sho crypto isakmp sa (PIX5525)

Total : 1

Embryonic : 0

dst src state pending created

x.x.x.x x.x.x.x QM_IDLE 0 1

Pls help me to slove the probllem

Labels:
0 Helpful
1 Reply 1

pdriscoll
Level 1
Level 1

‎02-15-2008 08:35 AM

I suspect you have a NAT issue. Are you bypassing NAT for tunnel traffic?

Run "show ipsec sa" and see if you are getting packets encrypt and de-crypt on both sides of the tunnel.

Patrick

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents