cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
600
Views
0
Helpful
2
Replies

IPSEC tunnel between ASA 5505 and ASA 5540

altaf007
Level 1
Level 1

We have a site-to-site VPN set up between our HQ (10.10.0.x) and a remote site (10.20.x.x). The HQ device is a ASA 5540, and the remote device is an ASA 5505. version ASA 7.2(2)

The tunnel is up and passing traffic. I can ping from any device on the HQ network to any device on the remote network. The problem is this:

I can not ping ASA 5505 LAN from HQS lan after five minutes of inactivity or no traffic between ASA 5505 and ASA 5540.

I chekced the tunnel and they are active on both ASA (remote and HQS).

My ping times out for atleast five minutes and then it started to ping again. I replicated same scenerio again .

Any idea what causing this issue. I am attaching ipsec configurations for ASA 5505 and ASA 5540

2 Replies 2

mattiaseriksson
Level 3
Level 3

Can you run a show crypto ipsec sa + show crypto isakmp sa and attach?

It's working now. There was a NAT issue in firewall. It's been fixed . Thanks for your help

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: