Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

Can my side initiate a L2L VPN tunnel?

We're using an ASA 7.0 to establish L2L VPN tunnels and I'd always have the remote side initiate the tunnel (say pinging our server from one of the customer's server) but I can never get the tunnel to establish by initiating it on our side (pinging the customer server from our server). I know about choosing the proper interface to ping from if using the ASA and that doesn't work either.

I remember finding a link that talked about this but I can't find it now. I think the link says the configurations on both sides have to match exactly but it still doesn't work for me.

It just seems that the tunnel can only be initiated by traffic from the remote side of the ASA (or the VPN Concentrator - which is what we used to use). But what is getting me more confused is, I have successfully set up two of our office sites with an ASA on both ends so where's the remote side of the ASA if both VPN peers are ASAs?

My crypto-map is already set to bidirectional (the default).

If someone can straighten this out or provide a link that can explain this, I'd really appreciate it!

New Member

Re: Can my side initiate a L2L VPN tunnel?

Ignore this. I was able to initiate the tunnel from my side.

CreatePlease to create content