I've got a slight problem with a site to site vpn setup between site A and site B and the ability to authenticate against an RSA SecurID appliance located at Site A if the user VPNs in to Site B.
Basically, the setup is as follows:
Site A:
Cisco ASA 5510
RSA SecurID appliance
VPN access set on the firewall to authenticate against site A RSA device.
Single Class C Subnet supernetted on /23 - the inside interface on the firewall is on this subnet
Site B:
Cisco ASA 5510
VPN access set on the firewall to authenticate against Site A RSA device.
Single Class C Subnet supernetted on /23 - the inside interface on the firewall is on this subnet
Site A works beautifully, authenticates and allows access.
Site B hangs on 'contacting the security gateway'. When I try to ping Site A subnet from firewall B, I get no response, which I think is the problem.
I have set the 'same-security-traffic permit intra-interface' setting.
Any help would be much appreciated.