Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IPSEC tunnel between ASA 5505 and ASA 5540

We have a site-to-site VPN set up between our HQ (10.10.0.x) and a remote site (10.20.x.x). The HQ device is a ASA 5540, and the remote device is an ASA 5505. version ASA 7.2(2)

The tunnel is up and passing traffic. I can ping from any device on the HQ network to any device on the remote network. The problem is this:

I can not ping ASA 5505 LAN from HQS lan after five minutes of inactivity or no traffic between ASA 5505 and ASA 5540.

I chekced the tunnel and they are active on both ASA (remote and HQS).

My ping times out for atleast five minutes and then it started to ping again. I replicated same scenerio again .

Any idea what causing this issue. I am attaching ipsec configurations for ASA 5505 and ASA 5540


Re: IPSEC tunnel between ASA 5505 and ASA 5540

Can you run a show crypto ipsec sa + show crypto isakmp sa and attach?

New Member

Re: IPSEC tunnel between ASA 5505 and ASA 5540

It's working now. There was a NAT issue in firewall. It's been fixed . Thanks for your help