Help with VPN from ASA to remote office

Unanswered Question
Apr 8th, 2008


Please let me know what configs you need if any, they are big so let me kow what you need.

Anyway, I have managed to complete phase 1 and phase 2 of the VPN from the ASA 5520 to the remote office which is a Cisco 877 DSL router.

Now here is the tricky part to explain:

1.) Is seems that if I ping servers from the remote office to servers on the inside of the ASA they won't reply, but if I reverse this and I send a ping from one of the servers on the ASA's inside to the remote network it will time-out then come up and then both sides can ping.

It's as if the ASA/server side can start the communication only which is not right, I want both sides to be able to do this.

2.) I then notice on the ASA 5520 that I will have 1 IKE tunnel and 4 IPSec tunnels, and these IPsec tunnels will increase if I ping from another server to the remote network, is the right?

I pinged the remote network from 4 servers and it went:

1 IKE Tunnel 1 IPSec Tunnel

1 IKE Tunnel 2 IPSec Tunnel

1 IKE Tunnel 3 IPSec Tunnel

1 IKE Tunnel 4 IPSec Tunnel

If I ping from another server not yet used it will be:

1 IKE Tunnel 5 IPSec Tunnel

I thought 1 IEK and 1 IPSec tunnel would support all communication.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion