11-17-2008 01:13 PM
I had two ASA's connected via site-to-site VPN tunnel for several months now (and working) and now something has changed that doesn't allow any traffic from one end to the other. My end shows all zeroes on encaps an hundreds of thousands of decaps. While everything looks the same in the configs something has changed to break my connection. Any ideas?
11-18-2008 05:38 AM
Hi,
Has something changed with your internal routing for this remote subnet. If you are seeing decaps, it means you are receiving traffic but having issues with the return traffic. Check the routing as well as NAT Configuration (NAT 0) on the ASA.
Also, make sure there are no overlapping IPSEC ACL between difference peers.
Regards,
Arul
*Pls rate if it helps*
11-18-2008 08:17 AM
Arul's right on the money here - we can't really tell you any more without seeing the configuration. It's probably either a routing issue (the traffic isn't being routed back to the ASA) or you
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: