Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Routing with ASA 5505:

My requirement is for the public ip address for my VPN traffic to be different than the rest of my internet traffic.  So I configured an ASA 5505 as a VPN device with outside interface with public ip address and inside interface 192.168.1.5.  I configured another ASA5505 as default gateway 192.168.1.1 and a public ip address for Outside interface.  I have a route on the default gateway (192.168.1.1) which states for  10.0.0.0/24 use 192.168.1.5.  For some reason, this configuration does not work.  Both routers can ping each other.  Any ping to 10.0.0.X gets timed out.  PLease explain why this config would not work and please suggest alternatives.  THanks

5 REPLIES
New Member

What is the SRC and DST of

What is the SRC and DST of the failed pings?  Also, where does the 10.0.0.0/24 reside?

 

Thanks,

Jason

New Member

10.0.0.0/24 is a network off

10.0.0.0/24 is a network off a site-to-site vpn.  SRC is any host on the LAN 192.168.1.x and DST is and host on 10.0.0.0/24.  The thought was that traffic to 10.0.0.0 network would go to default gateway (192.18.1.1) and then based on the static route would get redirected to 192.168.1.5.

New Member

Is the traffic going over the

Is the traffic going over the VPN ?  And if so, do you see encap and decap in the sh IPSec sa?  Also, Is there a routes in place for the return traffic to follow a similiar path?

New Member

Is the traffic going over the

Is the traffic going over the VPN ?  And if so, do you see encap and decap in the sh IPSec sa?

New Member

Just checking to see if the

Just checking to see if the problem has been resolved?

91
Views
0
Helpful
5
Replies