Hi, i have a site to site vpn stablished, the vpn works fine (while is up), i have a cisco asa 5520 and the other end of the vpn is a jupiter device that for technical reasons needs to send a continuos ping and when it does not receive a reponse back it brings down the vpn tunnel and reestablish it again. while the vpn is up traffic flows perfectly but because i m unable to repond to the ping the vpn is brought down as reestablished by the jupiter device. the jupiter device pings the encryption domain which is an ip that is natted to the real ip in the inside network. this is my configuration of the vpn:
AAA.AAA.AAA.AAA is the ASA public ip in the outside
BBB.BBB.BBB.BBB is the jupiter device ip (part of the object group IP_LIST)
i have tried to remove the all icmp restrictions and add and acl to permit icmp packages to CCC.CCC.CCC.CCC but still no luck, i do not even see the icnmp packages hitting the ASA (with debug icmp trace 127 nore terminal monitor). please let me know how to accomplish this. i want them to be able to ping the nat address CCC.CCC.CCC.CCC. thanks!!!
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :