09-24-2010 12:15 PM
Hi All,
I've set up an L2L VPN between an ASA and an IOS router. The tunnel is up and running, but no traffic is encrypted on the ASA and no traffic is decrypted on the IOS router. On the ASA I am using NAT, but on the IOS router NAT is not being used and all traffic from the router must be passed through the tunnel.
Any suggestions would be much appreciated.
Alex
09-24-2010 12:57 PM
Hi Alex,
Are you doing NAT for VPN traffic on the ASA, or is it for the internet traffic?
What is the crypto ACL configured on both sides?
Also, what happens when VPN traffic is initiated from behind the router? Do you see any encaps on the router and decaps on the ASA then?
amitashwa
09-24-2010 01:48 PM
Hi,
Change the ACL on the ASA and the router as follows:
On the ASA (outside interface a.b.c.d):
access-list crypto-acl ext per ip host a.b.c.d host x.y.z.u
There should be a no-nat or NAT exempt for traffic on the ASA that is going to the router.
On the router (interface IP address x.y.z.u):
access-list crypto-acl ext per ip host x.y.z.u host a.b.c.d
This should work. If you have similar settings but it isn't working, then please post the configuration without public IPs for review.
Thanks
Manish
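The two ACL lines in the reply above are mirror images of each other (source and destination swapped). The following is an added example, not part of the thread: a small Python check that compares the crypto ACL entries from both peers and reports entries that have no mirror on the other side. It assumes full-keyword `permit ip` entries, netmasks on the ASA and wildcard masks on IOS; the ACL text and addresses are constructed sample data.

```python
import ipaddress

def take_addr(tokens, wildcard):
    """Consume one address spec; return (network, remaining tokens)."""
    if tokens[0] == "any":
        return ipaddress.ip_network("0.0.0.0/0"), tokens[1:]
    if tokens[0] == "host":
        return ipaddress.ip_network(tokens[1] + "/32"), tokens[2:]
    addr, mask = tokens[0], tokens[1]
    if wildcard:
        # IOS wildcard mask is the bitwise inverse of a netmask
        inverted = int(ipaddress.ip_address(mask)) ^ 0xFFFFFFFF
        mask = str(ipaddress.ip_address(inverted))
    return ipaddress.ip_network(f"{addr}/{mask}"), tokens[2:]

def parse_acl(text, wildcard):
    """Return the set of (source, destination) networks from 'permit ip' lines."""
    entries = set()
    for line in text.splitlines():
        tokens = line.split()
        if "permit" not in tokens:
            continue  # header lines, remarks, blank lines
        rest = tokens[tokens.index("permit") + 1:]
        if not rest or rest[0] != "ip":
            continue  # only plain IP entries are compared here
        src, rest = take_addr(rest[1:], wildcard)
        dst, _ = take_addr(rest, wildcard)
        entries.add((src, dst))
    return entries

def mirror_mismatches(asa_text, ios_text):
    """Return (ASA entries with no mirror on the router, router entries
    with no mirror on the ASA), both written in the ASA's direction."""
    asa = parse_acl(asa_text, wildcard=False)
    ios = parse_acl(ios_text, wildcard=True)
    mirrored = {(dst, src) for src, dst in ios}
    return sorted(asa - mirrored, key=str), sorted(mirrored - asa, key=str)

# Constructed sample configuration fragments (not from the thread)
ASA_ACL = """
access-list crypto-acl extended permit ip 10.1.1.0 255.255.255.0 10.2.2.0 255.255.255.0
access-list crypto-acl extended permit ip host 10.1.5.10 10.2.2.0 255.255.255.0
"""
IOS_ACL = """
ip access-list extended crypto-acl
 permit ip 10.2.2.0 0.0.0.255 10.1.1.0 0.0.0.255
"""

if __name__ == "__main__":
    asa_only, ios_only = mirror_mismatches(ASA_ACL, IOS_ACL)
    print("ASA entries without a mirror on the router:", asa_only)
    print("Router entries without a mirror on the ASA:", ios_only)
```
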