ASA 5505 <> ASA 5510 Site-Site VPN

Answered Question
Feb 18th, 2009
User Badges:

Trying to setup a site to site vpn beetween a ASA 5505 and a 5510. I can't get anything threw, there is now debug messages either. I must have done something wrong, I followed this document: http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080950890.shtml but I cant get it to work. Anyone who can have a look at my configs, maybe I have forgoten anything.



Correct Answer by Ivan Martinon about 8 years 5 months ago

OK, if you go ahead and add this command to both firewalls "management-access inside" and try from one side ping inside 10.21.32.10 still nothing going through?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Ivan Martinon Wed, 02/18/2009 - 13:04
User Badges:
  • Cisco Employee,

I just have a question for you, the outside interface of both ASA have private addressing, is this a setup on a lab? or is it real stuff

eskriste80 Wed, 02/18/2009 - 13:14
User Badges:

Just changed them because I didn't want my public ip's online.


Both boxes answers when I ping the public ip from console so regulary traffic between is ok.

Correct Answer
Ivan Martinon Wed, 02/18/2009 - 13:17
User Badges:
  • Cisco Employee,

OK, if you go ahead and add this command to both firewalls "management-access inside" and try from one side ping inside 10.21.32.10 still nothing going through?

eskriste80 Wed, 02/18/2009 - 14:35
User Badges:

Now I got ping reply from 10.21.32.10, but not from any other hosts on that network. I pinged from a computer in the 10.20.0.0 network.

eskriste80 Wed, 02/18/2009 - 14:21
User Badges:

I have made a drawing of the network. And added new running configs. This is with real ips, just puted in some x's.



Attachment: 

Actions

This Discussion