L2L vpn - unable to access one subnet -Urgent

somnath21 · ‎03-13-2008

hi,

I have configured L2L vpn between site A and B.In site A i have 3 subnets..

10.138.78.0/24,10.138.79.0/24,10.138.80.0/24.In site B also i have 3 subnets 172.16.0.0/24,162.29.0.0/24,162.30.0.0/24

Now the problem is from site A i am able to access 172.29.0.0 and 172.30.0.0 network but i am unable to access 172.16.0.0 network.

pls find the acl config..

SITE A:

object-group network HQO

network-object 172.16.0.0 255.255.0.0

network-object 172.29.0.0 255.255.0.0

network-object 172.30.0.0 255.255.252.0

object-group network LOCAL

network-object 10.138.78.0 255.255.255.0

network-object 10.138.79.0 255.255.255.0

network-object 10.138.80.0 255.255.255.0

access-list HQO extended permit ip object-group LOCAL object-group HQO

SITE B:

access-list CHI line 1 extended permit ip object-group LOCAL object-group CHI 0xad2ed804

access-list CHI line 1 extended permit ip 172.16.0.0 255.255.0.0 10.138.78.0 255.255.255.0

access-list CHI line 1 extended permit ip 172.16.0.0 255.255.0.0 10.138.79.0 255.255.255.0

access-list CHI line 1 extended permit ip 172.16.0.0 255.255.0.0 10.138.80.0 255.255.255.0

access-list CHI line 1 extended permit ip 172.29.0.0 255.255.0.0 10.138.78.0 255.255.255.0

access-list CHI line 1 extended permit ip 172.29.0.0 255.255.0.0 10.138.79.0 255.255.255.0

access-list CHI line 1 extended permit ip 172.29.0.0 255.255.0.0 10.138.80.0 255.255.255.0

access-list CHI line 1 extended permit ip 172.30.0.0 255.255.252.0 10.138.78.0 255.255.255.0

access-list CHI line 1 extended permit ip 172.30.0.0 255.255.252.0 10.138.79.0 255.255.255.0

access-list CHI line 1 extended permit ip 172.30.0.0 255.255.252.0 10.138.80.0 255.255.255.0

pls guide me to resolve this issue..

thanks,

james

husycisco · ‎03-14-2008

Hi James

Please attach your full sanitized configs

Regards