tunnel between asa5505 and Fortigate 80c up but no traffic
I have set up an ipsec tunnel between a Cisco ASA 5505 and a Fortigate 80c. The tunnel is set up as I execute pings from inside behind ASA to inside behind FG, however I cannot get connectivity to hosts behind the Fortigate (traffic is allowed through policies configured on the FG).
What I noticed in packet tracer is that traffic is dropped at the step 'Vpn lookup'
To troubleshoot I have configured a test ('fake') vpn connection through the vpn wizard and get the same result in packet tracer.
I run 8.4 software on the ASA and this is part of the relevant config:
access-list outside_cryptomap_1 extended permit ip 10.0.0.0 255.0.0.0 192.168.196.0 255.255.255.0
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...