Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

VPN with similar networks at either end - not working.

hi, i wonder if this will ring any bells to anyone.

i'm trying to set up a site to site vpn between a pix 501 and an asa 5505. the network on the asa side is and the network at the pix end is

from what i can see the tunnel comes up ok yet when i try to ping from the pix to i see packets encapsulating but not decapsulating and doing a sh access-list shows the hitcount rising.

strangely enough if i change the network to something entirely different like and configure it up that way it all works perfectly.

unfortunately the networks must be what they are so i can't change that.

been beating my head against this for 5 days now and at my wits end so any light anybody can shed on this will be most gratefully received!

many thanks in advance... dave


Re: VPN with similar networks at either end - not working.


If you can see the counters rising on the encapsulatiing, but not decapsulating - the issue is at the remote end.

I would check the following at both ends:-

1) Interesting traffic cryp[to map acl

2) no-nat acl

3) Static routes


CreatePlease to create content