VPN site to site with dinamic IP, no connection to internal hosts

Unanswered Question
Feb 9th, 2010
User Badges:

I have a site to site VPN with a static IP address and a dynamic IP on the side of the static ip I have a ASA 5510 and the side of a router I have dynamic ip 850, according to configure the VPN as I said in ciscotacc.com page k23411061 case. Using L2Lgroup.

The VPN tunnel is created but if I can not ping internal hosts from both sides. Is that the nature of the vpn I can not ping the side of the static ip to dynamic ip, but inversely neither can.

Check also the IPSec statistics and see that side of the Cisco 850 if the packets are encrypted but do not reach back.

If anyone can help me.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
spremkumar Thu, 02/11/2010 - 04:33
User Badges:
  • Red, 2250 points or more


Once your connected to the remote device have you checked the status of the ipsec tunnel in the router?

can you issue this command show crypto isakmp sa and check/paste the status here?

also if possible can you post the configs here ?


FRANCISCO IBARRA Thu, 02/11/2010 - 15:02
User Badges:


You could make the connection between the two sites, but had code that was causing me problems.

My question is I have the connection but at a certain time you fall, look at this forum and I find the idea of increasing the lifetime of ike time policy, if it is not official.



This Discussion