12-07-2011 02:21 PM
Hello,
I have a site-to-site VPN established between two ASA firewalls. It was working fine for a while now, however VPN was brought down due to some other outage in the network. Now the VPN comes back up (both phases established), but I do NOT see "encaps", encrypts" on one ASA. That means one of the ASAs is not encrypting traffic, and so it gets dropped. I dont even see any hits on the crypto ACL of this ASA.
I have made sure that the inside traffic is not NATed and I have a route to remote network thorugh the interface where crypto is applied.
Does any one have any suggestions of how to debug/resolve this issue?
Thank you!
12-08-2011 02:42 AM
check your asa is actually receiving the traffic to encrypt/send
Sent from Cisco Technical Support iPad App
12-08-2011 11:08 AM
Is the cryptomap acess-list being called by the tunnel in question at the errant end?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: