Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
589
Views
10
Helpful
5
Replies

IPSEC TUNNEL IS UP AND CAN PING PEER TUNNEL BUT CANT PING DESTINATION

arjun_4790
Level 1
Level 1

‎12-15-2022 09:38 AM

Hello

i have configured IPsec tunnel between ASA and Branch router.

can ping peer tunnel and ping is not working from branch host to asa internal host but asa internal host can ping host in branch.

could anyone help with this??

i have shared tunnel configuration of ASA and Branch below

Thank you!!

Labels:
Preview file
57 KB
Preview file
52 KB
0 Helpful
5 Replies 5

balaji.bandi
Hall of Fame
Hall of Fame

‎12-15-2022 09:47 AM

what is the source IP and what is the Destination IP you trying to PING

how does your config looks like,

Branch side i see encrypting packet, i do not see any descrytpiton

at main ASA i dont see any of them.

so check the ACL and config again..make sure source and destination part of VPN domain.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

arjun_4790
Level 1
Level 1
In response to balaji.bandi

‎12-15-2022 10:11 AM

tunnel is up and acl's are also fine!

could u check acl which i have given below

0 Helpful

arjun_4790
Level 1
Level 1

‎12-15-2022 10:00 AM

source ip is 198.133.219.35 which is from branch and destination host ip is 192.168.10.1 internal host of ASA

acl of ASA:

access-list VPN extended permit ip host 192.168.10.1 host 198.133.219.35

acl of branch:

access-list 101 permit ip host 198.133.219.35 host 192.168.10.1

arjun_4790
Level 1
Level 1

‎12-15-2022 10:19 AM

Capture1.PNG

 

topology.

MHM Cisco World
VIP
VIP
In response to arjun_4790

‎12-15-2022 01:54 PM

there are many reason but 
can I see the ASA config ?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card