Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
477
Views
0
Helpful
1
Replies

Cisco ASA Site-to-Site with UC540 routing issue

chris
Level 1
Level 1

‎12-05-2012 06:28 PM - edited ‎03-11-2019 05:33 PM

We are setting up a new phone system using the UC540 with a VPN connection between 2 buildings using 2 Cisco ASA 5505's at either end.

The problem I am having is getting the phones at the remote site to connect to the UC540 at the main site.

Phones/Computers (10.0.1.0/24) -- ASA -------------VPN Tunnel------------- ASA -- UC540 -----------Data Vlan1 (10.0.0.0/24)

                                                                                                                                 |------Voice Vlan100 (10.1.1.0/24)

What i am told by UC500 support is that the phones at the remote site will connect if they have connectivity to the TFTP subnet on the UC540, which is 10.1.10.0/30

I added the static route on the ASA and I can ping the 10.1.10.1 TFTP server on the UC540 from the ASA, but not for any other device on the 10.0.0.0/24 network, such as the DC.  I added the static route there and was able to ping, so something in the ASA seems to be preventing it. 

I also can't seem to get the ASA at the remote site to ping 10.1.10.1.  I've tried adding the static route there in hopes it would forward it through the VPN tunnel.

Any help would be greatly appreciated 

Labels:
0 Helpful
1 Reply 1

mwinnett
Level 3
Level 3

‎12-11-2012 01:07 AM

Chris, can you share the configs and "sh cry ips sa" output, please ? Matthew

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card