Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Site-to-site VPN between two ASAs, one does not encrypt traffic

Hello,

I have a site-to-site VPN established between two ASA firewalls. It was working fine for a while now, however VPN was brought down due to some other outage in the network. Now the VPN comes back up (both phases established), but I do NOT see "encaps", encrypts" on one ASA. That means one of the ASAs is not encrypting traffic, and so it gets dropped. I dont even see any hits on the crypto ACL of this ASA.

I have made sure that the inside traffic is not NATed and I have a route to remote network thorugh the interface where crypto is applied.

Does any one have any suggestions of how to debug/resolve this issue?

Thank you!

2 REPLIES

Re: Site-to-site VPN between two ASAs, one does not encrypt traf

check your asa is actually receiving the traffic to encrypt/send

Sent from Cisco Technical Support iPad App

Hall of Fame Super Silver

Site-to-site VPN between two ASAs, one does not encrypt traffic

Is the cryptomap acess-list being called by the tunnel in question at the errant end?

514
Views
0
Helpful
2
Replies
CreatePlease to create content