Have an ASA, running 8.04, with a L2L VPN tunnel built. The ASA has two interfaces with there subnets supposed to enter the tunnel if destined to 192.168.0.0 /24
interface 1 - 192.168.3.0 /24
Interface 2 - 10.12.37.0 /24
Hosts from interface one can successfully reach devices on the subnet 192.168.0.x as expected.
However hosts on interface 2 cannot. In troubleshooting I can see the icmp replies coming back into the ASA but then my ASA reports this error and drops the replies:
Routing failed to locate next-hop for ICMP from OUTSIDE:192.168.0.252/0 to INSIDE:10.12.37.252/512
The syslog message is code 110003, which is defined as:
Recommended Action Copy the error message, the configuration, and any details about the events
leading up to the error, and contact Cisco TAC. During debugging, use the show asp table routing
command to view the routing table details.
The ASP routing table appears fine. The only difference between the two interfaces beside the physical is the security level, but the same sec command is present.