Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ASA 5520 Denying All Tunneled IP Traffic

250 remote sites use ezvpn to connect back to ASA 5520. Tunnels show active but do not pass any IP traffic. The only way to resolve issue is to "clear crypto ipsec sa". Don't know why this keeps occuring. Logs show messages of denying traffic for ex:

Feb 11 2008 14:42:42: %ASA-3-106014: Deny inbound icmp src outside:172.16.123.205 dst inside:x.x.x.x (type 8, code 0)

Feb 11 2008 14:42:42: %ASA-2-106006: Deny inbound UDP from x.x.x.x/2442 to 172.16.124.129/161 on interface inside

Running 7.2(2) code. Has anyone seen this before and know what the problem is?

Thanks

2 REPLIES
Anonymous
N/A

Re: ASA 5520 Denying All Tunneled IP Traffic

Try adding a PAT entry for the pool subnet from outside interface.also check if there is any routing problems

New Member

Re: ASA 5520 Denying All Tunneled IP Traffic

Upgrade to the latest version 8.0

184
Views
0
Helpful
2
Replies
CreatePlease to create content