Both hosts can reach each other without issues. Ping, connect, no problem.
The problem is when one of the hosts trys to reach the inside interface of the remote ASA. E.g. Host 1 trying to ping ASA5510 inside interface. Again Host 1 and 2 have the same subnet address of 10.1.1.0/24. I have configured the ASA 5505 to do the the NAT translations.
Here is the ASA 5505 config (the parts that matter):
ASA Version 8.2(5)
ip address 10.1.1.1 255.255.255.0
ip address 192.168.100.102 255.255.255.252
access-list vpnACL extended permit ip 10.1.20.0 255.255.255.0 10.1.1.0 255.255.255.0
access-list VPNnat extended permit ip 10.1.1.0 255.255.255.0 10.1.30.0 255.255.255.0
VPN NAT Overlap subnets remote ASA interface does not reply
Thanks Jennifer for the reply. Is that just an ASA rule? Or is there more of a technical reason why not? Because I see using debug icmp trace, the at ASA's receive the ICMP requests. But the ASA does not reply.
Show Name: Thoughts on Security at Cisco Live US 2018 in Orlando
Contributors: Kevin Klous, David White Jr., Aaron Woland, Jeff Fanelli
Posting Date: June 2018
Description: The team goes on-site in the Cisco Live Speaker room in...
RADIUS and Symantec VIP.
I will use screenshots of ASDM, and at the end I will add the required CLI commands. the diagram below show a diagram of the steps the FW goes through when using 2FA authentication:
As you can see in Fig. 1&nbs...