Problem with site-site VPN

Unanswered Question
Nov 7th, 2010
User Badges:

Hi All,


I am coming across some issues with site-site vpn tunnel.

Can anyone guide me on this?


Problem reported:
Client cannt download the emails intermittantly but internet access is fine.
2 branch sites dont have any issues with email access.The issue is with only one site.Whenever the problem comes users can acees the emails using client VPN.To resolve this issue, i have to reset the vpn tunnel everytime then it works fine for some days but again it stops working.
The exchange server has already added in the Crypto ACL.
As users can access the emails using Client VPN during this issue so it not seems to be internet link issue.

Topology:
I do have site-site VPN configured between the Central site ASA  and 3 branch sites ASAs out of which only one branch site is having issues.



Thanks & Regards

Manish

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Federico Coto F... Sun, 11/07/2010 - 11:23
User Badges:
  • Green, 3000 points or more

Hi,


The tunnel never actually goes down between this two sites?

i.e.

If you let a PING packet through the tunnel to the Exchange server from that location it works when the problem is happening?

If all other applications work at that time but the e-mail I doubt it will be a problem with the VPN tunnel itself.


Federico.

manish_3191 Sun, 11/07/2010 - 20:22
User Badges:

Hi,


When the problem is happening ping to exchange server doesnt work.When i resets the tunnel its starts working.

What do you mean by problem with vpn tunnel itself?Can you please let me know?



Thanks

Mansih

Federico Coto F... Mon, 11/08/2010 - 08:36
User Badges:
  • Green, 3000 points or more

What I'm trying to determine is if the tunnel actually goes down or if it's just traffic that stops passing through.

Could you check if the tunnel remains up when the problem happen with the command ''sh cry isa sa''


Federico.

Actions

This Discussion