cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Please be advised, the GuideMe Wizard is no longer available on the Small Business Support Community. For search capability please use the community search field to find content related to Cisco Small Business documents, videos, and discussions.
501
Views
0
Helpful
1
Replies
Beginner

ISA570W Times 3 VPN will not ping both ways

OK guys I need some help please. I can't seem to figure out what the heck is going on here. I have 3 Cisco ISA570W and it seems i can't get help from Cisco support on them anymore. I created Vpn's on all 3 of them. 

 

Router 1

72.17.56.X wan1 

local network 10.115.0.0

remote network 10.114.0.0

Router 2

24.227.56.x 

local network 10.114.0.0

remote network 10.115.0.0

Router 3

96.74.192.x

local network 10.114.1.0

remote network 10.114.0.0

default trans

 

Does not matter if I have Nat on or off

 

They connect fine. I can ping devices from router 1 and 3 to Router 2 but not anything from Router 2 to 1 and 3. What am i missing here 

 

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Cisco Employee

Re: ISA570W Times 3 VPN will not ping both ways

Hi,

I hope you are using the Netmask of /24 for all the LAN Network. As the VPN are established on all the 3 Routers and you are able to ping the devices on the Router 2 so you may verify the ‘Access List’ settings on the ‘Router 1’ and ‘Router 3’ to confirm that whether any specific traffic is getting blocked due to the ‘deny’ rules on the ‘Access List’.

 

Also please verify that you are able to ping the LAN interface (advertise on the VPN) over the VPN of all the Routers from any of the three mentioned Routers. And please make sure the default gateway on the users is configured as the LAN interface IP for the respective Router.

1 REPLY 1
Highlighted
Cisco Employee

Re: ISA570W Times 3 VPN will not ping both ways

Hi,

I hope you are using the Netmask of /24 for all the LAN Network. As the VPN are established on all the 3 Routers and you are able to ping the devices on the Router 2 so you may verify the ‘Access List’ settings on the ‘Router 1’ and ‘Router 3’ to confirm that whether any specific traffic is getting blocked due to the ‘deny’ rules on the ‘Access List’.

 

Also please verify that you are able to ping the LAN interface (advertise on the VPN) over the VPN of all the Routers from any of the three mentioned Routers. And please make sure the default gateway on the users is configured as the LAN interface IP for the respective Router.