I have configured site-to-site IPSEC and the tunnel is up, but I have no access between the two internal networks (defined as interesting traffic).
There is a point-to-point connection between me and the local ISP. I have a /29 network routed to my network. I'm using a loopback interface with a /32 address from that network for peer configuration (there is the crypto map command). I can ping it from outside.
When I'm using extended ping with a source address - my internal IP address - I can ping a host from the interesting network, but only from the local router.
When I'm trying to ping from an internal host, the packets do not enter the tunnel (sh crypto ipsec sa - the sent packets counter doesn't increment).
When a host from the remote network tries to ping a local host, it receives "Request time out", but the received packet counter increments.
I put a static route to the remote network through the loopback interface.