After working with Cisco TAC the issue seemed to be caused by having an IP SLA that was routing icmp traffic to the WAN interface while the primary track route was down, but was not allowed in the NAT list. Apparently Verizon does not like this and ...
What was your resolution? I have the correct scripts, dialer and config, but still flaps on Cell 0
*Feb 2 17:16:07.899 EST: %LINK-3-UPDOWN: Interface Cellular0, changed state to up*Feb 2 17:16:08.899 EST: %LINEPROTO-5-UPDOWN: Line protocol on Interf...
Try changing your NAT at site A from (outside1,outside1) to (inside,outside1).
Also can you post the show run crypto from both sides along with NAT, nonnat, split tunnel ACL and crypto ACL. Try and not change anything that's not specifically identia...
Hi sorry for dropping off. Been traveling etc. So looking at the icmp traces you ran it fails at the VPN Encrypt phase. Site B looks good as far as I can tell. However it looks like your site A trace your NAT is matching a ChinaSubnet which I did not...
That looks good. What version of ASA Code are you running? If you are running 8.3 and above you will need static NATs
8.3+ code NAT should look something like this.
Site A (interface name may vary for you)
nat (inside,outside) source static Remote...