#pkts not compressed: 9, #pkts comp failed: 0, #pkts decomp failed: 0 #pkts compressed: 0, #pkts decompressed: 0 #pkts decaps: 9, #pkts decrypt: 9, #pkts verify: 9 #pkts encaps: 9, #pkts encrypt: 9, #pkts digest: 9 Sending 5, 100-byte ICMP Echos to 192.52.128.1, timeout is 2 seconds: In short I need to figure out why the VPN tunnel shows as up, and I can ping the remote gateway from the ASA, but devices on my network cannot ping the remote gateway through the Ethernet0/0 int on the ASA. I'm trying to except both sides of the VPN traffic in and out on Ethernet0/0 I saw there was a setting for this "Permit communication between VPN peers connected to the same interface" and I have enabled that option. My network is not setup with a DMZ so it's something like this, with the ASA ethernet0/0 and my LAN on the same subnet: I've also noticed that the ACL's for NAT don't appear to be increasing in hit count either so, it really seems there's just one little thing missing to make the ASA except and encrypt traffic coming in on ethernet0/0: So it just seems like the ASA is not excepting the VPN traffic being pushed to it on ethernet0/0 or at least it's not encrypting it. The remote router is obviously working fine, my route statement on my router to push vpn traffic through the ASA ip address (same ip address that was used by the 1751) is obviously working. If I don't make any changes aside from going to the computer room and changing the network cable over to the 1751 then through the 1751 I can now ping the remote gate way from my computer. If I try to ping from a local computer I get a "Request timed out". I can telnet to the ASA and ping the remote gateway on the peer side of the VPN and it pings fine. I have the VPN configured on the ASA and it says the tunnel is up. I had a site to site VPN setup via to 1751 routers which was working fine, but we're looking to add some more remote field offices and I felt it would be easier to maintain multiple site to site's on the ASA 5510. Ok my forehead is sore from all the keyboard pounding I know this has got to be something simple but I'm brand new to ASA's.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |