Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
652
Views
0
Helpful
2
Replies

Cisco 5505 ASDM Site to Site VPN static route?

Go to solution
romatlo00
Level 1
Level 1

‎02-19-2018 05:06 AM - edited ‎02-21-2020 07:22 AM

Hello folks,

 

I am training myself (with youtube) on how to use a Cisco ASA 5505.

I just created a site to site VPN to my Palo Alto 200 from ASDM wizard.  The tunnel is up and green according to PA but unable to ping any local IPs from either side.  It's typical to create a static route on the PA side, which I've done. 

 

Do I need to create a static route on the ASDM to enable communication?  What gateway ip would I use?

I feel like I am really close to getting this to work!  Any comments or suggestions?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP

‎02-19-2018 05:40 AM

Hi,
You do not need a static route on 5505 ASA, the ASA will know how to route traffic over the VPN to the PA via the ACL you defined to specify the src/dst subnets. You can use packet tracer tool to help troubleshoot further.

HTH

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Rob Ingram
VIP
VIP

‎02-19-2018 05:40 AM

Hi,
You do not need a static route on 5505 ASA, the ASA will know how to route traffic over the VPN to the PA via the ACL you defined to specify the src/dst subnets. You can use packet tracer tool to help troubleshoot further.

HTH
0 Helpful

Go to solution
romatlo00
Level 1
Level 1
In response to Rob Ingram

‎02-19-2018 06:47 AM

Thank you for responding.  I need to take some training on this ASA.

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card