08-28-2007 07:10 AM - edited 03-11-2019 04:03 AM
We have a site-to-site VPN set up between our HQ (10.10.0.x) and a remote site (10.20.x.x). The HQ device is a ASA 5540, and the remote device is an ASA 5505. version ASA 7.2(2)
The tunnel is up and passing traffic. I can ping from any device on the HQ network to any device on the remote network. The problem is this:
I can not ping ASA 5505 LAN from HQS lan after five minutes of inactivity or no traffic between ASA 5505 and ASA 5540.
I chekced the tunnel and they are active on both ASA (remote and HQS).
My ping times out for atleast five minutes and then it started to ping again. I replicated same scenerio again .
Any idea what causing this issue. I am attaching ipsec configurations for ASA 5505 and ASA 5540
08-29-2007 05:22 AM
Can you run a show crypto ipsec sa + show crypto isakmp sa and attach?
08-29-2007 10:57 AM
It's working now. There was a NAT issue in firewall. It's been fixed . Thanks for your help
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide