I have two sites Site A: MNMCDEL and Site B: NNMCCNI. See the attached Diagrams of both the sites.
Both the sites are connected using MPLS. I have one interface called MPLS in both the Firewall and I am able to ping each other (192.168.1.114 in SiteA is pining to 192.168.2.114 in SiteB).
The customer requirement is, from SiteA firewall he should be able to ping SiteB DCNMS interface IP address (192.168.2.190) from SiteA and do SNMP polling.Similarly he should be able to ping SiteA DCNMS interface IP address (192.168.1.190) from SiteB and do SNMP polling.
To do this I configured site-site VPN between Site A and Site B and configured "management-access DCNMS" in both the firewall. But even though the IPSEC tunnel is formed I am not able to ping 192.168.1.190 from SiteB and 192.168.2.190 from SiteA. I am getting the following error message.
"%FWSM-3-305006: portmap translation creation failed for icmp src MPLS:192.168.1.114 dst DCNMS:192.168.2.190 (type 8, code 0)"
Which is the correct solution for this requirement