Can ping across tunnel from router but not from other pc/server behind tunnel
Information: I have an Amazon VPC setup that is connected to another company's VPN. It's done with isakmp, bgp, gre, with two tunnels. I'm using the Cisco CSR1000V on Amazon, connected to it via Putty (SSH).
The router and tunnel setup all works correctly. From the router on my side (Amazon) I can ping any device over the tunnel successfully. Phase1/2/3 are all working correctly.
I can ping my router from the window servers but I can't ping across the tunnel from the windows server. I can ping the windows server from the router too.
Question: What can I do to allow access across the tunnel for the windows server? It seems like it must be a router setting that I am missing.
Here's a list of things that I've tried so far:
Adding the private IPs to the access-list
I've allowed all types of traffic to all sources/destinations on Amazon's firewall
I added static routing to 10.48.0.0 255.255.255.240 in the windows server to gateway 10.48.253.5
My IP address setup:
Windows server: 10.48.252.5
Across the tunnel device I'm trying to ping: 10.48.0.1
This is the IP I can ping from the router but not from the windows server
I've attached the router configuration and detailed interface configuration.
Do u have any NAT configuration which affects your LAN traffic. If so you may need to create the NAT exemption rule for the private ranges. All you need to create an no NAT rule and assign that to outside interface. There should not be a problem with routing since you are able to reach it from the router to end systems and from LAN to your router.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...