Monitoring IPSEC Site2site tunnel with SLA MONITOR on ASA

Unanswered Question
Oct 22nd, 2009
User Badges:

I've got site-to-site IPSEC VPN tunnel between two Cisco ASA.

My ASAs have the following LAN configuration :

ASA1 : lan ip address

ASA2 : lan ip address

From ASA2, I can test the VPN tunnel by using the follogin command :

ping inside

I would like to be able to use the SLA monitor feature to ping in to the tunnel too. I try the folowing commands on ASA2 :

sla monitor 2000

type echo protocol ipIcmpEcho interface inside

frequency 60

sla monitor schedule 2000 life forever start-time now

track 1 rtr 2000 reachability

But I've got the following error message in logs :

Routing failed to locate next hop for icmp from NP Identity Ifc: to inside:

Has anyone try to do some thing like that ?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion