Both hosts can reach each other without issues. Ping, connect, no problem.
The problem is when one of the hosts trys to reach the inside interface of the remote ASA. E.g. Host 1 trying to ping ASA5510 inside interface. Again Host 1 and 2 have the same subnet address of 10.1.1.0/24. I have configured the ASA 5505 to do the the NAT translations.
Here is the ASA 5505 config (the parts that matter):
ASA Version 8.2(5)
ip address 10.1.1.1 255.255.255.0
ip address 192.168.100.102 255.255.255.252
access-list vpnACL extended permit ip 10.1.20.0 255.255.255.0 10.1.1.0 255.255.255.0
access-list VPNnat extended permit ip 10.1.1.0 255.255.255.0 10.1.30.0 255.255.255.0
VPN NAT Overlap subnets remote ASA interface does not reply
Thanks Jennifer for the reply. Is that just an ASA rule? Or is there more of a technical reason why not? Because I see using debug icmp trace, the at ASA's receive the ICMP requests. But the ASA does not reply.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...