Hello,grasse = remote site

fbruscia06 · ‎10-05-2015

Hello,

Lab GNS3:

My topology is one ASA5520 connecting to interface outside and inside for my vpn ipsec remote site and local interface.

3 interfaces :

outside = 192.168.10.2 ( it is bridge with my PC linux), my bridge = 192.168.10.99---my box gw 192.168.10.1

inside = 1.1.1.254-------vpn ipsec------router c3700-1.1.2.254----.inside 192.168.2.254

local = 192.168.1.254---------PC virtual 192.168.1.10

Ping is correct from my ASA to 8.8.8.8

Ping is correct from my site local to my site remote on the VPN Ipsec tunnel.

but ping is KO when i try to ping from my remote site (192.168.2.254) to outside (ex:8.8.8.8)

test with packet tracer in the log i have this message :

regular translation creation failed for icmp src inside:192.168.2.254 dst outside:8.8.8.8 (type 0, code 0)

When i ping from my remote site to 8.8.8.8, i don't have any message in my syslog but my vpn tunnel is up,

why the ping from my remote 192.168.2.0 to 8.8.8.8 (outside) doesn't work ?

Regards,

fbruscia06 · ‎10-07-2015

Hello,

grasse = remote site 192.168.2.0

local_site= 192.168.1.0

i add this :

: nat (inside,outside) source static site_local site_local destination static grasse grasse

the packet tracer is correct now, i ping from my inside interface with ip 192.168.2.1 to 8.8.8.8

i don't have the msg syslog error (regular..) but when i try ping from my remote router (192.168.2.254 or pc 192.168.2.1) to 8.8.8.8 doesn't work.

Thank you .

ASA5520 with VPN, from my remote site impossible to ping to outside (web)