Asymmetric NAT rules matched fo rforward and reverse flows
Hi everybody, i have a problem with a Site-to Site VPN connection between two ASA 5505 (ASA 8.2, ASDM 6.2) and i hope someone can help me. I have build the configuration on both devices (http://cisco.biz/en/US/docs/security/asa/asa82/getting_started/asa5580/quick/guide/sitvpn.html#wp1044213) . Under "Specifying Hosts and Networks / Remote Network" i use not the external ip of remote Site, i use the internal networks ( 10.0.1.0 and 10.0.2.0 ). I need connetion to two remote internal networks ( from 10.0.0.0 to 10.0.1.0 and 10.0.2.0 ). The Tunnel (Phase1 and Phase 2) comes up when i ping a host of the second (10.0.2.x) remote network, but a ping is not possible. Syslog says "Asymmetric NAT rules matched for forward and reverseflows; Connection for icmp src outside: 10.0.0.x dst dmz:10.0.1.x (type8, code 0) denied due to NAT reverse path failure ". On both Sites VPN connetions with Cisco VPN Clients are possible. Thanks to everyone for any ideas and help.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...