i have an odd problem with routing traffic between two ASAs in two different locations. i have two locations with a site-to-site T1 in between. in both locations i have ASA5510s and on both ASAs i have the following interfaces:
outside -> external interface
inside -> LAN
ptp -> interface for site-to-site T1
location A has LAN with subnet 192.168.0.0 /24 and location B has LAN with subnet 10.10.20.0 /24. i'm at location A and i can reach every host at location B. also hosts from location B can reach hosts at location A so i know the routing is working. however at location A i have a host 192.168.0.19 that needs to talk to host 10.10.20.19 at location B on UDP port 50795 and that traffic never gets across. there are no access lists that would block the traffic. the really odd part is that i can capture packets on inside interface that match the criteria and see that host 192.168.0.19 is sending packets to 10.10.20.19, but when i try and capture packets on the ptp interface i see nothing BUT (!!!) if i try and capture packets on the outside interface i see them!!!
here is my access list that i use to capture traffic:
access-list cap2 line 1 extended permit udp any host 192.168.0.19 eq 50795
access-list cap2 line 2 extended permit udp host 192.168.0.19 eq 50795 any
here is my capture on inside interface (location A):
capture cap2 type raw-data access-list cap2 interface inside real-time
1: 00:57:34.929822 192.168.0.19.50795 > 10.10.20.19.50795: udp 15
2: 00:57:44.929990 192.168.0.19.50795 > 10.10.20.19.50795: udp 15
3: 00:57:54.929868 192.168.0.19.50795 > 10.10.20.19.50795: udp 15
here is my capture on outside interface (location A):
capture cap3 type raw-data access-list cap3 interface outside real-time
1: 00:57:14.929395 192.168.0.19.50795 > 10.10.20.19.50795: udp 15
2: 00:57:24.929502 192.168.0.19.50795 > 10.10.20.19.50795: udp 15
3: 00:57:34.929853 192.168.0.19.50795 > 10.10.20.19.50795: udp 15
the exact same thing is happening on location B. i can see the capture on inside interface and verify that host 10.10.20.19 is sending packets to host 192.168.0.19 on port 50795 but i don't capture any of these packets on the ptp interface - instead i capture them on the outside interface! both hosts 192.168.0.19 and 10.10.20.19 are Avaya phone systems so i cannot try sending other type of traffic between two hosts but i can see that there is a lot of UDP traffic between 192.168.0.19 and 10.10.20.18 (which is a voicemail server) so i know that 192.168.0.19 can reach location B but for some reason traffic to 10.10.20.19 is sent to the outside interface.
any help, suggestions or comments are welcomed as i have been working on this for the last two days and i can't get my head around this.