05-03-2012 04:20 PM
I have two 5510's that I am trying to get a tunnel established. One has an exsistinig tunnel to a 5505 that works but I cant get the next one to get past the first phase. I have sanitized the attached configs, can anyone see something obvious?
05-06-2012 11:54 AM
Change in 2twconfig.
nat (INSIDE,OUTSIDE) source static obj-192.168.76.0 obj-192.168.76.0 destination static Vallywood Vallywood
to
nat (INSIDE,OUTSIDE) 1 source static obj-192.168.76.0 obj-192.168.76.0 destination static Vallywood Vallywood
delete this
nat (INSIDE,any) source static obj-192.168.76.0 obj-192.168.76.0 destination static Vallywood Vallywood unidirectional
Do the same on 1twconfig
05-06-2012 04:30 PM
No luck, thank you for trying to help!
05-07-2012 06:46 AM
try also delete
group-policy GroupPolicy1 internal
group-policy GroupPolicy1 attributes
vpn-tunnel-protocol IPSec
HTH
05-07-2012 08:59 AM
Hi Charlie,
Your config looks fine on host:1.1.1.1VPN
object network obj-192.168.74.0
subnet 192.168.74.0 255.255.255.0
object network Timberlock
subnet 192.168.76.0 255.255.254.0
nat (inside,outside) source static obj-192.168.74.0 obj-192.168.74.0 destination static Timberlock Timberlock
-------------------------------------------------------------------------
likewise, config looks fine on on host: 2.2.2.2VPN
object network obj-192.168.76.0
subnet 192.168.76.0 255.255.254.0
object network Vallywood
subnet 192.168.74.0 255.255.255.0
access-list OUTSIDE_1_cryptomap extended permit ip object obj-192.168.76.0 object Vallywood Vallywood
But remove this line please from Host: 2.2.2.2VPN
nat (INSIDE,any) source static obj-192.168.76.0 obj-192.168.76.0 destination static Vallywood Vallywood unidirectional
Please add static routes below on both ASA.
on host: 2.2.2.2VPN
route OUTSIDE 192.168.74.0 255.255.255.0 2.2.2.X <- default-gateway.
on host:1.1.1.1VPN
route outside 192.168.76.0 255.255.254.0 1.1.1.X <- default-gateway.
Please update me.
Thanks
Rizwan Rafeek
05-09-2012 07:41 PM
Please rate helpful post.
thanks
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: