Problem in configuring IPSec VPN

Unanswered Question
Apr 30th, 2008
User Badges:

Hi Guys

On my remote site I have configure ASA 5510 behind the Telco ADSL Modem which has a dynamic IP , all traffic is patted on ASA and Modem.

On my Head Office VPN will be terminated on Juniper Firewall with static IP address.

But VPN tunnel is not comming up


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
kapish.mohole Wed, 04/30/2008 - 20:49
User Badges:

Hi, to understand it properly, are you trying to create LAN to LAN VPN? Is the IP on outside interface of remote location's ASA dynamically assigned?

Put here both end's ASA VPN config and outside interface config.


asfar.zaidi Wed, 04/30/2008 - 23:18
User Badges:

The IP address on the outside is statically assign because its connected to Telco Router ,

Outside of Telco Router is dynamically assigne as it is ADSL.

kapish.mohole Thu, 05/01/2008 - 11:34
User Badges:

Hi, here your IP on outside interface is In order to establish LAN to LAN VPN, on head office VPN router you need to set peer's public IP address for remote ASA but you don't have it as your remote ASA is behind the ADSL router and can not get public IP, you will need static public IP address on outside interface. Make sure isakmp is enabled on outside interface.

Right now VPN can not be established as the ASA outside IP is private IP and VPN traffic initiated from remote office can not reach the ASA. It will reach once ASA has a public IP and you configure that IP as peer on your head office router.

Look at the ADSL router for any possibilities of IP assignment or NAT.

Rate me if this is helping you.




This Discussion