I hope all are doing well.
Last week, we set up an L2L VPN between an ASA and a 2851 router. Below is our setup:
10.71.x.x/16 ==> 3750 ==> ASA5540 ==> INTERNET ==> ROUTER-2851 ==> 3750 ==> 10.1.X.X/16
Our problem is that the remote site cannot access our network, but we can access their network. ACL + routing were checked and all are correct.
I also checked one of our other L2L VPN setups, 3845 -> 2851. When I do show crypto ipsec sa, I see all the networks defined in the local and remote networks active, but in our ASA-2851 setup I don't see this kind of output. I see only two subnets active. After initiating a ping to the remote networks, I can then see the other two networks when I do show crypto ipsec sa. Is this normal? I know that there should be rekeying of the SA, but why are the (local + remote networks) missing when no traffic is passing from the local network?
Please help and advise!