5520 intresting vpn trafic will not pass from cascading networks

Unanswered Question
Apr 15th, 2009

Interesting will not pass through vpn even if any is specified.

If anyone know why please respond.

Thank You....

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
thotsaphon Wed, 04/15/2009 - 13:29


Would you please provide more information regarding this issue?

Are you using site-to-site vpn?

Are they cisco ASA 5520?


jabramsciscosupport Wed, 04/15/2009 - 13:39


I am using site-to-site.

I am using a 5520 and connecting to a remote site using a 5505.

It seems that only trafic that originates form subnets that are directly connected to the 5520 will only pass even when I define the source as any.

I have used other vpn clients and it work perfectly using the same interesting trafic config (Openswan to 5505).

I do appreciate your time...

Thank You...

thotsaphon Wed, 04/15/2009 - 13:48


Do you have other networks behind ASA5520 and you already configured them as interesting traffic?

Would you please post the configuration on ASA5520? Excluding sensitive information.


thotsaphon Thu, 04/16/2009 - 07:53


Is there a layer3 device between old nets and new nets? Does this device have a route to pointing to ASA5520? Does ASA5520 have routes of old nets to route them back to Layer3 device?


jabramsciscosupport Thu, 04/16/2009 - 08:03

Thank You .... Toshi

I had a route from my Layer3 device to the 5520 but did not have them back the other direction.

Thanks again...!


thotsaphon Thu, 04/16/2009 - 08:05


I have no doubt why ASA is pretty cool.(grin)

Good job. let me know how things work out.



This Discussion