I have a remote location that my Corporate office connects to through an IPSec tunnel at the moment. We've decided to upgrade and get an MPLS tunnel between our two locations. Every time I try to force traffic from one location to another, something is dropping packets out and killing the traffic.
Corporate office runs in a Class C subnet in the vein of 10.9.6.x and the remote office is in a Class C subnet in the vein of 10.5.6.x. So, for example, I have the MPLS routers connected by two interfaces: their serial link that goes to the MPLS network, and their FastEthernet ports are connected to the local subnets at 10.9.6.9 and 10.5.6.9, respectively. I take down the IPSec tunnel and put in routes to go from one subnet to the other on the ASAs at each location which are configured as the default gateways for each location. I can ping from 10.9.6.9 to 10.5.6.9 and vice versa, but when I try to ping from 10.9.6.9 to 10.5.6.100 it fails.
Like I've said, I can ping from 10.9.6.9 to 10.5.6.9 without a problem. When I try to ping to another host on the other subnet, I lose the traffic. Now, on my syslog messages I saw that it couldn't find a translation group for the reply back message when I sent a ping, so I put in a NAT exemption for the replies but then they just never show up at the other end.
For clarification, please ask any questions. I'm just trying to see if what I'm trying to work with is even possible.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...