cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
336
Views
0
Helpful
2
Replies

Trouble with routing and a site to site tunnel.

warriorforGod
Level 1
Level 1

Here is the layout of all the pieces and how things should work.  I have a site to site vpn.  Site B's tunnel enpoint is 160.41.161.60.  I can see that the tunnel is up by running show isakmp sa.  I have a dedicated interface on the asa (tunnel0) which is hooked up to a 6506 with an ip address of 201.188.59.254.  I have a server that has 2 interfaces.  One of the interfaces on the server has an ip address of 201.188.59.100.  This server will need to be able to ssh into 2 machines at site b which have ip addresses of 160.41.15.103 and 160.41.15.104.  My problem lies in the routing at the asa to get traffic to these 2 ip addresses through the tunnel.

By default it tries to go out the outside interface which doesn't know how to get there, and I get Destination host unreachable.  I have also tried the following route entries with no success.

route tunnel0 160.41.15.0 255.255.255.0 201.188.59.254

route outside 160.41.15.0 255.255.255.0 201.188.59.254

Can anybody give me some pointers on what exactly is wrong?

2 Replies 2

cadet alain
VIP Alumni
VIP Alumni

Hi ,

could you post a topology diagram.

Which OS version of ASA are you running?

Regards.

Alain

Don't forget to rate helpful posts.

I am running asa version 7.0.8 for now.  Planning on upgrading to 8.0.2 in the next week or so.  Attached is a crude drawing of the layout.  I have no access to visio right now.

Review Cisco Networking for a $25 gift card