Recently the customer started saying sometimes the call forwarding between sites isn't working correctly. Upon further testing, it seems that you have to ping to/from both ends of the Spokes before traffic will start passing through properly.
Site B wants to talk to Site C
I need to initiate a ping on Site B to Site C which fails
Initiate a ping on Site C to Site B and the first packet drops, then the rest go through
Initiate Ping on Site B to Site C and all works just fine.
Traffic going to/from Site A to/from any remote site (Sites B-E) works fine 100% of the time.
This is happening for all remote sites. When traffic has been initiated on both ends, it works just fine, but after a specific timeout it appears to stop working.
Probably something simple I'm missing. Any help is greatly appreciated.
(Also, kind of silly but I realize that I didn't need same-security-traffic on each spoke, correct?)
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...