07-25-2007 10:58 PM - edited 03-09-2019 06:28 PM
I have configured a Ipsec l2l tunnel between two ASA 5505 devices. The VPN-Led is alight on both ASA's. I am able to ping from the inside of the one ASA to the inside of the other ASA, and vice versa. But I am not able to ping from the inside of any ASA to a device on the remote end ? What might be wrong ?
Kjetil
Solved! Go to Solution.
07-26-2007 04:05 AM
Do the clients on each side know how to get to the remote network? Do they have the ASA as default gateway?
The config looks ok, the NAT config is not complete, so NAT is probably not working but since nat-control is disabled it shouldn't be a problem for the vpn-tunnel.
But if you don't want to configure NAT at all you can remove the "nat (VOIP) 0" statement.
Do a "clear xlate" after any change to the NAT config.
07-26-2007 12:06 AM
Hi Kjetil
If your VPN is coming up and you are sure it has been established then could you check your crypto access-lists to make sure that you have included the remote network in the list.
Jon
07-26-2007 12:38 AM
It can also be a NAT issue or an internal routing problem.
If you attach the configs it will be easier to give you an answer.
07-26-2007 03:28 AM
07-26-2007 04:05 AM
Do the clients on each side know how to get to the remote network? Do they have the ASA as default gateway?
The config looks ok, the NAT config is not complete, so NAT is probably not working but since nat-control is disabled it shouldn't be a problem for the vpn-tunnel.
But if you don't want to configure NAT at all you can remove the "nat (VOIP) 0" statement.
Do a "clear xlate" after any change to the NAT config.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: