ASA5540 VPN tunnel to VPN tunnel

Unanswered Question
Feb 10th, 2010


I am using ASA5540 and configured the IPSEC VPN, my client use routers that each open L2TP IPSEC VPN to my ASA5540.

Per username and password I allocate static IP addresses from my Radius Server.

I can see both client routers have established VPN on the ASA.

At each client Router there is the private network,

Client A                               Client A Router                           ASA5540                         Client B Router             Client B  

                                                                                      VPN IP Allocated                             


I need from to ping via the tunnels.

Someone please help.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
spremkumar Thu, 02/11/2010 - 04:25

Have you tried tracing the remote client sites from the other respective client site?

can you try doign the same from both the router and also from the client site pcs and find where the trace is gettings stuck up?


antuneslc Thu, 02/11/2010 - 06:02

Hi, thanks,

I did do that,

If I ping from to this is what I get on the logging at the ASA

IPSEC: Received an ESP Packet (SPI=0x15959DA1, sequence number= 0x2A) from (user =louis98) to The decapsulated inner packet doesn't match the negotiated polocy in the SA. The packet specifies its destination as, its source as, and its protocol as 1. The SA specifies its local proxy as and it remote_proxy as

If I traceroute from to all I see is and ASA logging shows

I get the same here as above just the protocol is 17

Regards, Louis


This Discussion