05-03-2012 04:20 PM
I have two 5510's that I am trying to get a tunnel established. One has an exsistinig tunnel to a 5505 that works but I cant get the next one to get past the first phase. I have sanitized the attached configs, can anyone see something obvious?
05-06-2012 11:54 AM
Change in 2twconfig.
nat (INSIDE,OUTSIDE) source static obj-192.168.76.0 obj-192.168.76.0 destination static Vallywood Vallywood
to
nat (INSIDE,OUTSIDE) 1 source static obj-192.168.76.0 obj-192.168.76.0 destination static Vallywood Vallywood
delete this
nat (INSIDE,any) source static obj-192.168.76.0 obj-192.168.76.0 destination static Vallywood Vallywood unidirectional
Do the same on 1twconfig
05-06-2012 04:30 PM
No luck, thank you for trying to help!
05-07-2012 06:46 AM
try also delete
group-policy GroupPolicy1 internal
group-policy GroupPolicy1 attributes
vpn-tunnel-protocol IPSec
HTH
05-07-2012 08:59 AM
Hi Charlie,
Your config looks fine on host:1.1.1.1VPN
object network obj-192.168.74.0
subnet 192.168.74.0 255.255.255.0
object network Timberlock
subnet 192.168.76.0 255.255.254.0
nat (inside,outside) source static obj-192.168.74.0 obj-192.168.74.0 destination static Timberlock Timberlock
-------------------------------------------------------------------------
likewise, config looks fine on on host: 2.2.2.2VPN
object network obj-192.168.76.0
subnet 192.168.76.0 255.255.254.0
object network Vallywood
subnet 192.168.74.0 255.255.255.0
access-list OUTSIDE_1_cryptomap extended permit ip object obj-192.168.76.0 object Vallywood Vallywood
But remove this line please from Host: 2.2.2.2VPN
nat (INSIDE,any) source static obj-192.168.76.0 obj-192.168.76.0 destination static Vallywood Vallywood unidirectional
Please add static routes below on both ASA.
on host: 2.2.2.2VPN
route OUTSIDE 192.168.74.0 255.255.255.0 2.2.2.X <- default-gateway.
on host:1.1.1.1VPN
route outside 192.168.76.0 255.255.254.0 1.1.1.X <- default-gateway.
Please update me.
Thanks
Rizwan Rafeek
05-09-2012 07:41 PM
Please rate helpful post.
thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide