Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
713
Views
0
Helpful
2
Replies

ASA RRI on L2L VPN w/NAT

Go to solution
Darren Roback
Level 5
Level 5

‎06-26-2012 11:56 AM

I have a L2L VPN tunnel on a Cisco ASA 5520 that I'm trying to get RRI to work on. On my cryptomap ACL I have defined a local object-group and a remote object-group, and I'm performing one-to-one NAT on the local group. I also have a route map configured that will take the static routes and redistribute them into my EIGRP AS. Two things I've noticed -1, I'm not seeing any static routes on my ASA that point to the remote subnets, and 2, the ACL that I've used in my route map definition is not getting any hits on it.

Any thoughts on where I may be going wrong?

Thanks,

Darren

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

‎06-26-2012 06:24 PM

Do you have the following configured:

crypto map set reverse-route

If you do, can you remove it and re-add it and see if that resolve the issue?

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

‎06-26-2012 06:24 PM

Do you have the following configured:

crypto map set reverse-route

If you do, can you remove it and re-add it and see if that resolve the issue?

0 Helpful

Go to solution
Darren Roback
Level 5
Level 5
In response to Jennifer Halim

‎06-27-2012 05:40 AM

Hi Jennifer -

I figured it out. Somehow my crypto map ACL dropped. I did have the reverse-route command specified, and once I reapplied my crypto map ACL everything took off.

Thanks for the reply!

Darren

0 Helpful
Customers Also Viewed These Support Documents