rvs4000 to rvs4000 VPN is up but can't access network resources
UPDATE: I got this to work. For anyone else having a similar problem, my mistake was the security groups. When I change the local & remote security group to subnet rather than IP everything started working.
I'm setting up a site to site VPN with 2 rvs4000 devices.
I have Network A with:
ISP Router: IP 68.x.x.x - ISP Gateway passing all traffic
Goes to a hub which splits to
Hardware Firewall: WAN IP 68.x.x.x/Gateway: ISP Router/LAN IP: 192.168.1.1
RVS4000: WAN IP 68.x.x.x/Gateway: ISP Router/LAN IP: 192.168.1.150
RVS4000: WAN IP 24.x.x.x/Lan IP: 192.168.0.1
VPN is up. I have a static route on the hardware firewall at Network A pushing traffic for 192.168.0.0 (Network B) to 192.168.1.150 (RVS4000 at Network A)
I can't use Network A's RVS4000 to ping the LAN IP of Network B's RVS4000 even though VPN says up.
I can't use Network B's RVS4000 to ping the LAN IP of Network A's RVS4000 even though VPN says up.
I can't ping any remote LAN IPs from the either opposite/remote site.
Both RVS4000 are in gateway mode.
Both RVS4000 have their firewalls disabled.
Both RVS4000 are allowing everything from LAN ->WAN and WAN->LAN
Any help on establishing LAN to LAN communication would be appreciated - I figure my setup is accurate considering the 2 boxes are connecting. Their security is set to "Local Security Group Type" IP Address / "Remote Security Group Type" IP Address.
The goal of this is to have RF scanners on Network B access a parent software system on Network A without running a VPN client on the scanner itself. I'm open to any ideas.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...