problem with L2L ASA to Router

Unanswered Question

We have set  up a VPN between an ASA 5505 and a 1751 router .

That vpn has to replace a previous one between the 1751 and another router .

The VPN is established successfully and I can ping the 1751's internal interface from the ASA's network, but I cannot ping any host behind the 1751 router .

The hosts are fine as they were working before we changed the configuration .

Attached the configuration , I hope some expert can check it and tell me if something wrong.

Attachment: 
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Federico Coto F... Tue, 03/02/2010 - 15:15
User Badges:
  • Green, 3000 points or more

Hi,


If you can PING the 1751's internal IP from the ASA's network, the VPN is fine.

If you cannot PING any host behind the 1751 through the tunnel, the most common cause is a routing issue.


Is the default gateway for the hosts behind the 1751, the inside interface of the 1751?


Federico.

Federico Coto F... Tue, 03/02/2010 - 21:34
User Badges:
  • Green, 3000 points or more

If you do a traceroute from the hosts on the 1751 side to the ASA's subnet, do they go through the tunnel?


Do you see packets encrypted on the 1751 ''show cry ipsec sa'' for every traffic sent?


Federico.

Actions

This Discussion