Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

5520 intresting vpn trafic will not pass from cascading networks

Interesting will not pass through vpn even if any is specified.

If anyone know why please respond.

Thank You....

7 REPLIES

Re: 5520 intresting vpn trafic will not pass from cascading netw

joseph,

Would you please provide more information regarding this issue?

Are you using site-to-site vpn?

Are they cisco ASA 5520?

Toshi

Re: 5520 intresting vpn trafic will not pass from cascading netw

Yes,

I am using site-to-site.

I am using a 5520 and connecting to a remote site using a 5505.

It seems that only trafic that originates form subnets that are directly connected to the 5520 will only pass even when I define the source as any.

I have used other vpn clients and it work perfectly using the same interesting trafic config (Openswan to 5505).

I do appreciate your time...

Thank You...

Re: 5520 intresting vpn trafic will not pass from cascading netw

joseph,

Do you have other networks behind ASA5520 and you already configured them as interesting traffic?

Would you please post the configuration on ASA5520? Excluding sensitive information.

Toshi

Re: 5520 intresting vpn trafic will not pass from cascading netw

Here is a diagram and the important sections of my running config(s).

(see attachment)

Thank You

Again...

Joe

Re: 5520 intresting vpn trafic will not pass from cascading netw

Joe,

Is there a layer3 device between old nets and new nets? Does this device have a route to 10.10.170.0(remote-end) pointing to ASA5520? Does ASA5520 have routes of old nets to route them back to Layer3 device?

Toshi

Re: 5520 intresting vpn trafic will not pass from cascading netw

Thank You .... Toshi

I had a route from my Layer3 device to the 5520 but did not have them back the other direction.

Thanks again...!

Joe...

Re: 5520 intresting vpn trafic will not pass from cascading netw

Joe,

I have no doubt why ASA is pretty cool.(grin)

Good job. let me know how things work out.

Toshi

147
Views
0
Helpful
7
Replies
CreatePlease to create content