Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Monitoring IPSEC Site2site tunnel with SLA MONITOR on ASA

I've got site-to-site IPSEC VPN tunnel between two Cisco ASA.

My ASAs have the following LAN configuration :

ASA1 : lan ip address 172.16.1.1

ASA2 : lan ip address 172.16.2.1

From ASA2, I can test the VPN tunnel by using the follogin command :

ping inside 172.16.1.1

I would like to be able to use the SLA monitor feature to ping in to the tunnel too. I try the folowing commands on ASA2 :

sla monitor 2000

type echo protocol ipIcmpEcho 172.16.1.1 interface inside

frequency 60

sla monitor schedule 2000 life forever start-time now

track 1 rtr 2000 reachability

But I've got the following error message in logs :

Routing failed to locate next hop for icmp from NP Identity Ifc:172.16.2.1/0 to inside:172.16.1.1/0

Has anyone try to do some thing like that ?

772
Views
0
Helpful
0
Replies
CreatePlease login to create content