Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASA5510 Site2Site Wizard

I am trying to connect our site to a remote site using the Site2Site VPN wizard.  I got the IPSEC tunnel connected without issues..

The problem is that I can't ping from one network to the other...

This is out layout..

10.10.x.x/16 - - ASA5510(site1) <==> ASA5510(site2) - - 10.50.x.x/16

When I ping from the nearest switch to the ASA on 10.10.x.x network to 10.50.x.x, the ASDM syslog output says..

3  Feb 21 2012  20:51:56  10.10.x.x  10.50.x.x  Deny inbound icmp src inside:10.10.x.x dst inside:10.50.x.x (type 8, code 0)

Any advice is greatly appreciated..

Thanks!!!

1 REPLY
New Member

ASA5510 Site2Site Wizard

I am guessing you have a route on your ASA5510 that routes 10.0.0.0/8 to the inside.  What you will need to do is add a static route for 10.50.0.0/16 and point it toward your ISP.  The error message you are seeing is saying that (as far as it knows) traffic is going from 'inside' to 'inside' which really isn't possible without some out of the ordinary configuration on the ASA.

Hope this helps.

Matt

281
Views
0
Helpful
1
Replies