Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Cisco Support Community site will be in read only mode on Dec14, 2017 from 12:01am PST to 11:30am for standard maintenance. Sorry for the inconvenience.

One way vpn communication

Hi,

I have a site-to-site vpn between ASA & PIX.  Configuration are perfectly alright. But the problem is only when i  initiate a traffic from PIX side the ASA side hosts respond. It is like 1  to 1 it response. i.e if PIX side host A initiatez a traffic to ASA  side host A, it will only respond to PIX side host A & not to all  other host. If other hosts has to respond from ASA side, all other hosts  in PIX side should initiate. Not sure what could be the problem here. Any ideas?

2 REPLIES
New Member

Re: One way vpn communication

I recommend you double check your crypto ACL's one more time and ensure your subnet masks are matching correctly. It sounds to me that once the IPSec SA is up traffic flows correctly. Also ensure that you dont have an interface ACL applied somewhere, because the ASA is stateful and therefore traffic could initiate a connection form one direction but it could fail in the other perhaps.

Let us know if you make progress.

Regards,
Uwe

New Member

Re: One way vpn communication

226
Views
0
Helpful
2
Replies
CreatePlease to create content