Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
176
Views
0
Helpful
2
Replies

2 ASA site vpn is up but not traffic is passing

Sheraz.Salim
VIP
VIP

‎02-23-2016 11:45 PM

Hi All.

we are setting up a vpn site to site between two ASA. i can see from the CLI that vpn phase 1 and phase 2 pass sucessfully. but interesting traffic is not passing through. we setup ASA vpn via ASDM. we also done a packet trace and packet tracer output is pass with intersting traffic.

i spent 7 house with no lucky kindly please help. but site have nat (inside,outside) source static DM_INLINE_NETWORK_17 DM_INLINE_NETWORK_17 destination static NETWORK_OBJ_10.13.136.0_24 NETWORK_OBJ_10.13.136.0_24 no-proxy-arp route-lookup

any advise would be life saving for me.

please do not forget to rate.
Labels:
0 Helpful
2 Replies 2

Dinesh Moudgil
Cisco Employee
Cisco Employee

‎02-24-2016 09:54 AM

Hi sherazrose,

Your natting looks good but we will need more information to isolate the issue.


What you need to do is run the command and share the output:

packet-tracer input inside icmp h.h.h.h 8 0 x.x.x.x detailed

where h.h.h.h is local interesting traffic IP and x.x.x.x being remote interesting traffic IP.

How many tunnels do you have on the ASA?
Can you share the sanitized config output from the device.?

Regards,
Dinesh Moudgil

P.S. Please rate helpful posts.Hi sherazrose,

Cisco Network Security Channel - https://www.youtube.com/c/CiscoNetSec/
0 Helpful

Sheraz.Salim
VIP
VIP
In response to Dinesh Moudgil

‎02-26-2016 06:54 AM

Hi. I fix the problem. actually it was an interall routing issue. What i did  i just gave a static route pointing to the inside asa interface and it fix the problem.

please do not forget to rate.
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents