03-12-2009 05:53 PM
I have an ASA 5510 that has Remote Access VPN and a Lan-To-Lan set up and working great. Local nets and users on the RA net can access networks across the Lan-To-Lan with no issues. I added a second Lan-To-Lan to another site and only the local network can access the remote network. Remote Access users cannot. They can still access the original tunnel network, but not the second tunnel network.
The other end in this case is a Juniper firewall. Any ideas? My crypto map has the two L2L tunnels listed first and then the RA tunnel. Again, this works great on another L2L, just not this new one.
03-12-2009 08:22 PM
You need to make sure that this particular lan to lan tunnel contains the pool of the vpn client defined as part of the local network going to the remote (juniper side) network and the remote juniper should have the same in a mirrored way.
03-13-2009 04:34 AM
It does. It is configured for the local net and the RA net to communicate with the network on the remote end. Another L2L tunnel on the same ASA works fine, but this one to the Juniper does not. Any known issues with tunnels to Juniper FWs?
03-13-2009 08:02 AM
Hi,
It might be worth looking at the actual subnets that have been negotiated in the SA for each peer. Type
sh crypto ipsec sa
and check the "local ident" lines for each peer. For the first L2L tunnel, what has it negotiated (maybe 0.0.0.0?)
It might just be the remote end hasn't configured your RA pool.
Regards
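The check suggested in the reply above, written out as an added example that is not part of the original thread: it reads `show crypto ipsec sa` text and reports, per peer, whether the RA pool appears as a negotiated "local ident" and whether that SA shows errors. The sample output, the addresses and the function name `ra_pool_status` are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample in the layout of ASA "show crypto ipsec sa" output.
# 10.1.1.0/24 = local LAN, 10.9.9.0/24 = RA client pool (both assumed).
SAMPLE = """\
interface: outside
    Crypto map tag: outside_map, seq num: 10, local addr: 203.0.113.1
      local ident (addr/mask/prot/port): (10.9.9.0/255.255.255.0/0/0)
      remote ident (addr/mask/prot/port): (172.16.10.0/255.255.255.0/0/0)
      current_peer: 198.51.100.10
      #pkts encaps: 120, #pkts encrypt: 120, #pkts digest: 120
      #send errors: 0, #recv errors: 0
    Crypto map tag: outside_map, seq num: 20, local addr: 203.0.113.1
      local ident (addr/mask/prot/port): (10.1.1.0/255.255.255.0/0/0)
      remote ident (addr/mask/prot/port): (172.16.20.0/255.255.255.0/0/0)
      current_peer: 198.51.100.20
      #pkts encaps: 87, #pkts encrypt: 87, #pkts digest: 87
      #send errors: 0, #recv errors: 0
    Crypto map tag: outside_map, seq num: 20, local addr: 203.0.113.1
      local ident (addr/mask/prot/port): (10.9.9.0/255.255.255.0/0/0)
      remote ident (addr/mask/prot/port): (172.16.20.0/255.255.255.0/0/0)
      current_peer: 198.51.100.20
      #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
      #send errors: 14, #recv errors: 0
"""

IDENT = r"ident \(addr/mask/prot/port\): \((?P<{0}>[\d.]+)/(?P<{0}m>[\d.]+)/\d+/\d+\)"
SA = re.compile(
    "local " + IDENT.format("l") + r"\s+remote " + IDENT.format("r")
    + r"\s+current_peer: (?P<peer>[\d.]+)"
    + r".*?#send errors: (?P<serr>\d+), #recv errors: (?P<rerr>\d+)",
    re.S,
)

def ra_pool_status(output, ra_pool):
    """Return {peer: 'ok' | 'errors' | 'missing'} for the RA pool as a local ident."""
    pool = ipaddress.ip_network(ra_pool)
    status = {}
    for m in SA.finditer(output):
        status.setdefault(m["peer"], "missing")  # peer seen, pool not yet found
        local = ipaddress.ip_network(f"{m['l']}/{m['lm']}")
        if pool.subnet_of(local):  # also true for a 0.0.0.0/0.0.0.0 ident
            errors = int(m["serr"]) + int(m["rerr"])
            status[m["peer"]] = "errors" if errors else "ok"
    return status

if __name__ == "__main__":
    for peer, state in ra_pool_status(SAMPLE, "10.9.9.0/24").items():
        print(f"peer {peer}: RA pool SA {state}")
```

A peer reported as `missing` has no SA for the pool at all; one reported as `errors` has an SA for the pool whose error counters are non-zero.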
03-13-2009 08:22 AM
Thanks James. The negotiated SA shows the correct subnets configured but shows errors related to the RA network SA so it seems the problem is on the Juniper side. The admin on the other end says the network/mask is correct but unfortunately I don't have access to confirm that.
03-13-2009 08:26 AM
Can you post your config, along with the show crypto ipsec sa?
03-13-2009 09:14 AM