Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Site to Site VPN Issue!! HELP

Hi,

I have a weird problem with our Branch to Branch VPN. Please find details below

1. Details:

* Site 1 wants to use a oracle web based application hosted at Site-2. VPN is set and both the sides can ping each other but Site-1 cannot access the oracle application.

2. Troubleshooting

a. Can ping the IP of the application server at site-2 (10.200.0.11)

b. Added a hosts entry at Site-1 client PCs, can ping the domain name of 10.200.0.11

c. In the browser when typing the IP or the hostname of the application server gives the following error:

Network Error (tcp_error)

A communication error occurred: "Operation timed out"

The Web Server may be down, too busy, or experiencing other problems preventing it from responding to requests. You may wish to try again at a later time.

Appreciate if someone can assist me in this. Attached diagram and running-config file.

Regards

Sarf

2 REPLIES

Re: Site to Site VPN Issue!! HELP

First, see if you can ping this same host with a packet size of 1500, if not then we might be running into a packet size issue, also gather logs from the ASA and try to post the remote peer configuration as well. In this case I gather this ASA is where the client is located and we don't have the config from where the server is hosted.

New Member

Re: Site to Site VPN Issue!! HELP

Do you have http enable on the server?

Open ASDM run a packet trace using www port and it should tell you where the problem is or give a good idea of where to start tshooting.

Also check to see if you have the crypto ipsec df-bit cofigured on the other side - if you do it should be configured on both sides.

Send the config from the other side also.

117
Views
0
Helpful
2
Replies