I have a serios problem debugging an Site-toSite VPN Tunnel issue and hope to find some help here.
Let me first explain the preconditions:
The tunnel is established between ASA5505 and ASA5510. On both devices runs the 8.4.1 Software. On ASA5510 site I use B-Class network devided in several C-Class networks (172.20.0.0/16 devidet in 172.20.10.0/24, 172.20.20.0/24 and so on). The other site is a smaller Network with 172.16.1.1/28.
I created on both sites the tunnel specific configuration and everything work's fine, the tunnel comes up and traffic flows.
So far so good, but now the problem:
After adding one more C-Class network to the cryptomaps, there was no traffic flow possible between this C-Class network and the other Site, the other traffic flows like before. Exchanging this C-Class network by another everything is fine, traffic flows. If I substitute in my cryptomaps all the C-Class networks with the B-Class network, I was able to pass traffic from the non-working C-Class network to the other Site.
So, only this one specific C-Class network won't work properly.
I begin to debug this by myself but become stuck on this point
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :