cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
492
Views
0
Helpful
2
Replies

One way vpn communication

Anand Narayana
Level 6
Level 6

Hi,

I have a site-to-site vpn between ASA & PIX.  Configuration are perfectly alright. But the problem is only when i  initiate a traffic from PIX side the ASA side hosts respond. It is like 1  to 1 it response. i.e if PIX side host A initiatez a traffic to ASA  side host A, it will only respond to PIX side host A & not to all  other host. If other hosts has to respond from ASA side, all other hosts  in PIX side should initiate. Not sure what could be the problem here. Any ideas?

2 Replies 2

uwkleinh
Cisco Employee
Cisco Employee

I recommend you double check your crypto ACL's one more time and ensure your subnet masks are matching correctly. It sounds to me that once the IPSec SA is up traffic flows correctly. Also ensure that you dont have an interface ACL applied somewhere, because the ASA is stateful and therefore traffic could initiate a connection form one direction but it could fail in the other perhaps.

Let us know if you make progress.

Regards,
Uwe

terrygwazdosky
Level 1
Level 1
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: