Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
616
Views
0
Helpful
1
Replies

Can my side initiate a L2L VPN tunnel?

rimbertr1
Level 1
Level 1

‎10-12-2009 12:07 PM

We're using an ASA 7.0 to establish L2L VPN tunnels and I'd always have the remote side initiate the tunnel (say pinging our server from one of the customer's server) but I can never get the tunnel to establish by initiating it on our side (pinging the customer server from our server). I know about choosing the proper interface to ping from if using the ASA and that doesn't work either.

I remember finding a link that talked about this but I can't find it now. I think the link says the configurations on both sides have to match exactly but it still doesn't work for me.

It just seems that the tunnel can only be initiated by traffic from the remote side of the ASA (or the VPN Concentrator - which is what we used to use). But what is getting me more confused is, I have successfully set up two of our office sites with an ASA on both ends so where's the remote side of the ASA if both VPN peers are ASAs?

My crypto-map is already set to bidirectional (the default).

If someone can straighten this out or provide a link that can explain this, I'd really appreciate it!

Labels:
0 Helpful
1 Reply 1

rimbertr1
Level 1
Level 1

‎10-12-2009 01:50 PM

Ignore this. I was able to initiate the tunnel from my side.

0 Helpful
Customers Also Viewed These Support Documents