RA and L2L issue on ASA

Unanswered Question
Jan 18th, 2010
User Badges:


The scenario as following, I have two ASA5510 running version 8.0(5) and connected over Internet via IPsec dynamic to static L2L (obviously the static one is on HQ), it works perfectly fine with no issue. I have configured remote access VPN to terminate on HQ's ASA and it works fine as well.

now I'm trying to grant access for RA clients to resources reside on the branch (dyanmic ASA) but to no avail.

Any idea !!



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
balsheikh Thu, 01/21/2010 - 02:10
User Badges:

Hi Jorge,

I got it work, thanks for the post. I always did the testing from the VPN client (Remote users) but it didn't work, then I thought to try to ping from the subnet behind the ASA (dynamic L2L Tunnel) and amazingly start working, the issue was the users unable to initiate the session, once the tunnel established from ASA side the remote users granted access for all resources behind ASA.

Many thanks for the support.........


JORGE RODRIGUEZ Thu, 01/21/2010 - 17:57
User Badges:
  • Green, 3000 points or more

Belal, glad you got it working..  and you're very  welcome


balsheikh Sun, 01/24/2010 - 01:02
User Badges:

Hi Jorge,

I'm facing difficalty to force the VPN clients to initiate the VPN session, VPN clients can only responding to dynamic ASA.

any idea !!



This Discussion

Related Content