Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Trouble with site to site vpn with 2 asa's

I have been trying many different ways to get this to work but have been unable to. After 8 hours I literally have a headache and have to step away for a minute.  I just realized I needed to ping between the tunnels to bring it up but still am unable to. Can anyone take a look and tell me where i've gone wrong?  Im trying to configure a site to site vpn betwen :

ASA_A

outside interface 5.179.17.66

inside interface 10.1.1.1

ASA B

outside interface 5.81.57.19

inside interface 10.1.2.1

1 ACCEPTED SOLUTION

Accepted Solutions

Trouble with site to site vpn with 2 asa's

Frist why do you have two DG on box-

route outside 0.0.0.0 0.0.0.0 5.179.121.65 1

route outside 0.0.0.0 0.0.0.0 5.179.17.65 1

Fix it both end then it should work .

Thanks

Ajay

4 REPLIES

Trouble with site to site vpn with 2 asa's

Frist why do you have two DG on box-

route outside 0.0.0.0 0.0.0.0 5.179.121.65 1

route outside 0.0.0.0 0.0.0.0 5.179.17.65 1

Fix it both end then it should work .

Thanks

Ajay

New Member

Re: Trouble with site to site vpn with 2 asa's

I just took over managing this device and have overlooked this part of the config. I am not sure why that part of the config would be there. There is just 1 route out to the internet from this device and there is no failover configured. I know you can have a backup static route with a higher metric, but is there any reason that there would be a duplicate other than out of error?

Trouble with site to site vpn with 2 asa's

You should keep one DG remove the unused.

New Member

Trouble with site to site vpn with 2 asa's

Thank you, this seemed to resolve the issue.

298
Views
0
Helpful
4
Replies
CreatePlease login to create content