RA and L2L issue on ASA

Unanswered Question
Jan 18th, 2010


The scenario as following, I have two ASA5510 running version 8.0(5) and connected over Internet via IPsec dynamic to static L2L (obviously the static one is on HQ), it works perfectly fine with no issue. I have configured remote access VPN to terminate on HQ's ASA and it works fine as well.

now I'm trying to grant access for RA clients to resources reside on the branch (dyanmic ASA) but to no avail.

Any idea !!



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
balsheikh Thu, 01/21/2010 - 02:10

Hi Jorge,

I got it work, thanks for the post. I always did the testing from the VPN client (Remote users) but it didn't work, then I thought to try to ping from the subnet behind the ASA (dynamic L2L Tunnel) and amazingly start working, the issue was the users unable to initiate the session, once the tunnel established from ASA side the remote users granted access for all resources behind ASA.

Many thanks for the support.........


balsheikh Sun, 01/24/2010 - 01:02

Hi Jorge,

I'm facing difficalty to force the VPN clients to initiate the VPN session, VPN clients can only responding to dynamic ASA.

any idea !!



This Discussion