Hi All, I've built a site 2 site IPsec tunnel between an ASA 5510 and a PIX. The tunnel is up, and for the most part traffic flows between source and destination LANs as expected. The problem is we need the ASA to send syslog messages across the VPN tunnel to a syslog server at the PIX site. If I get on a router at the ASA site, I can ping the syslog server at the PIX site. The following statement is in the ASA:
route outside pix.net.addr sub.net.mask next.hop
But in the ASA log I see "routing failed" messages for traffic from the ASA to the syslog server.
Apr 08 2010 08:32:01 ASA5510 : %ASA-6-110003: Routing failed to locate next hop for icmp from NP Identity Ifc:10.xx.x.xx/0 to inside:172.xx.x.xx/0
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...