Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
318
Views
0
Helpful
2
Replies

ASA 5510 to Sonicwall TZ205 - Upgrade to ASA 9.1.6 breaks VPN Tunnel

Go to solution
Kevin Lotko
Level 1
Level 1

‎10-01-2015 12:40 PM

After upgrading from 8.4.5 to 9.1.6 my site to site tunnel between an ASA 5510 and a Sonicwall TZ 205 is "up" and I can ping each other's external interface however I can not ping LAN to LAN.

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
rvarelac
Level 7
Level 7

‎10-01-2015 04:00 PM

Hi Kevin ,

 

They should not be any difference on the VPN config between those versions ,  can you try to run a packet-tracer on the ASA or place a capture on the inside while sending traffic.

 

Example:

 

packet-tracer input  inside icmp < src IP> 8 0 <dst IP>

 

Capture vpn interface inside match ip host <src> host <dst>

 

 

Hope it helps

-Randy-

View solution in original post

0 Helpful
2 Replies 2

Go to solution
rvarelac
Level 7
Level 7

‎10-01-2015 04:00 PM

Hi Kevin ,

 

They should not be any difference on the VPN config between those versions ,  can you try to run a packet-tracer on the ASA or place a capture on the inside while sending traffic.

 

Example:

 

packet-tracer input  inside icmp < src IP> 8 0 <dst IP>

 

Capture vpn interface inside match ip host <src> host <dst>

 

 

Hope it helps

-Randy-

0 Helpful

Go to solution
Kevin Lotko
Level 1
Level 1

‎10-02-2015 11:49 AM

packet-tracer helped to figure out and understand what was causing the problem. Was related an unused crypto map configuration

0 Helpful
Customers Also Viewed These Support Documents