There is not enough information provided for us to know what the problem is or how to fix it. I can suggest several things to check. If you can check them and can provide some additional information we may be able to give you better help:
- has site A had any connectivity to the Head Office before this?
- does site A have any outside connectivity other then its VPN connection to site B?
- does site A have routing statements that would send traffic for the Head Office through the VPN to site B?
- typically a VPN has access lists that are used to identify traffic that should be processed by the VPN. Do the VPN access rules at site A and at site B include traffic from site A to the Head Office and response traffic?
- does the Head Office have routing statements that would send traffic to site A through its connection to site B?
- I am a little confused. I believe that you describe a VPN between site A and site B, and you describe a leased line from site B to the Head Office. And you describe a PIX at the Head Office. Is there a VPN between site B and the Head Office PIX or is the PIX simply a firewall? And how does traffic from the site B leased line get to the PIX, is there some router or something that gets traffic from the leased line to the PIX?
- does the PIX at the Head Office have access rules that would permit traffic from site A to pass through and get to the network at the Head Office and for response traffic to go through?
- is the PIX at the Head Office doing address translation for the remote sites? If so are there translation rules for traffic to and from site A? If the PIX is not translating traffic for the remote sites are there NAT exemptions for the traffic to site A?
If you check and can tell us these things we may be able to help you with this issue.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :