ASA to ASA tunnel not working

Unanswered Question
Jul 7th, 2009

I am trying to set up an L2L tunnel between 2 ASA devices. The tunnel establishes, but when I try to ping from site l1 to site r1 I see that ICMP passes to the tunnel but is not received back. Tunnel TX increased.

On the r1 site I see that tunnel RX increased but not TX. The ACL seems to be the same. What could be the problem?

Attached running configs, r1 and l1.

giedriusr Tue, 07/07/2009 - 01:26

Fixed NAT on r1 to

nat (inside) 0 access-list nonat

nat (inside) 1

but nothing helps.

giedriusr Tue, 07/07/2009 - 01:47

I have checked or even disabled NAT on both sites.

When I do packet tracer on the r1 ASA I got strange output.

I have a rule on r1 to permit <> <>

Even after it permit any any on the r1 inside interface, but the tracer said that the packet was dropped by the implicit rule deny any any.

giedriusr Tue, 07/07/2009 - 04:40

I know that in r1 but where?

I recreated the IPsec tunnel from the beginning on r1, but now when I am trying to initiate the tunnel from the r1 side I get

Routing failed to locate next hop for icmp from NP Identity Ifc: to inside:

If I am trying to establish the tunnel from the l1 side it comes up but no reply from r1 to l1 side.

