Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
376
Views
0
Helpful
2
Replies

s2s vpn pinging problem

Tkacprzak
Level 1
Level 1

‎09-06-2012 05:27 AM

Hello,

I have a site to site VPN between ASA - inside 192.168.1.x and Cisco router 192.168.3.x.

I was asked to add access for additional hosts from subnet 1.x to 3.x (there were some already working).

I added them configuration is identical to the ones configured previously.

Now if i try ping from 1.x to 3.x it doesn't work but from 3.x to 1.x works (obviously after that ping from 1.x to 3.x works too).

I can't seem to find where the problem might be.

Thank you

Labels:
0 Helpful
2 Replies 2

Mohammad Alhyari
Cisco Employee
Cisco Employee

‎09-09-2012 06:04 AM

Hi Tomasz ,

can you please post the config here , as i understand is after pinging from the router side you can ping in the other direction , so lets check the ASA .

also one thing you can do is to get :

packet-tracer input inside icmp host1 8 8 host2 det

before initiating the tunnel , host1 is an ip at the ASA side host2 is an ip on the router side.

HTH .

Mohammad.

0 Helpful

Tkacprzak
Level 1
Level 1
In response to Mohammad Alhyari

‎09-11-2012 04:54 AM

Hello Mohammad,

First of all thank you for your response. I managed to solve this problem - in site to site configuration i didn't change the local network to match newly added addresses - silly .

sideline: the packet tracer was showing that everything is ok.

0 Helpful
Customers Also Viewed These Support Documents