Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

unable to ping inside host L2L VPN..URGENT

hi,

I have configured L2L von between ASA5520 and PIX525.Both end tunnel is active but unable to ping any inside host or peer IP.I have checked the access-list and its seems ok.

sh crypto isakmp sa (ASA550)

IKE Peer: x.x.x.x

Type : L2L Role : initiator

Rekey : no State : MM_ACTIVE

pdns1# sho crypto isakmp sa (PIX5525)

Total : 1

Embryonic : 0

dst src state pending created

x.x.x.x x.x.x.x QM_IDLE 0 1

Pls help me to slove the probllem

1 REPLY
New Member

Re: unable to ping inside host L2L VPN..URGENT

I suspect you have a NAT issue. Are you bypassing NAT for tunnel traffic?

Run "show ipsec sa" and see if you are getting packets encrypt and de-crypt on both sides of the tunnel.

Patrick

119
Views
0
Helpful
1
Replies
CreatePlease to create content