cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
139
Views
0
Helpful
0
Replies

Error Vpn site-to-site connected but no network access between asa 5505 and rv130w

I created a VPN site-to-site between a ASA5505 and rv130w, but a network does not communicate with each other.

Help me please.

Configurations of ASA 5505:

IP WAN: xxx.xxx.xxx.xxx
IP do Peer: xxx.xxx.xxx.xxx
Pré-Shared Key: xxxxxx
TunelGroup Name: VPN_LOJA
IKE Policy
Encryptation: 3DES
Authentication: SHA
DH Group:2

IPsec Policy
Encryptation: 3DES
Authentication: SHA
PFS: Enabled
DH Group:2
Local Address: 192.168.1.0/24
Remote Address: 192.168.0.0/24

Configurations of RV130W:

Ike Policy Configuration

IKE Policy Configuration

 Edit VPN Policy Configuration:

 Edit VPN Policy Configuration

 Edit VPN Policy Configuration

Commands of ASA 5505

Result of the command: "show crypto isakmp sa"

Active SA: 1
Rekey SA: 0 (A tunnel will report 1 Active and 1 Rekey SA during rekey)
Total IKE SA: 1

1 IKE Peer: 179.159.73.226
Type : L2L Role : responder
Rekey : no State : MM_ACTIVE

Result of the command: "show crypto ipsec sa"

interface: outside
Crypto map tag: outside_map, seq num: 1, local addr: 187.11.204.223

access-list outside_1_cryptomap permit ip 192.168.1.0 255.255.255.0 Filial_Indaia 255.255.255.0
local ident (addr/mask/prot/port): (192.168.1.0/255.255.255.0/0/0)
remote ident (addr/mask/prot/port): (Filial_Indaia/255.255.255.0/0/0)
current_peer: 179.159.73.226

#pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
#pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts comp failed: 0, #pkts decomp failed: 0
#pre-frag successes: 0, #pre-frag failures: 0, #fragments created: 0
#PMTUs sent: 0, #PMTUs rcvd: 0, #decapsulated frgs needing reassembly: 0
#send errors: 0, #recv errors: 0

local crypto endpt.: 187.11.204.223, remote crypto endpt.: 179.159.73.226

path mtu 1492, ipsec overhead 58, media mtu 1500
current outbound spi: 306E9824

inbound esp sas:
spi: 0x17A2C960 (396544352)
transform: esp-3des esp-sha-hmac no compression
in use settings ={L2L, Tunnel, PFS Group 2, }
slot: 0, conn_id: 704512, crypto-map: outside_map
sa timing: remaining key lifetime (sec): 27819
IV size: 8 bytes
replay detection support: Y
Anti replay bitmap:
0x00000000 0x00000001
outbound esp sas:
spi: 0x306E9824 (812554276)
transform: esp-3des esp-sha-hmac no compression
in use settings ={L2L, Tunnel, PFS Group 2, }
slot: 0, conn_id: 704512, crypto-map: outside_map
sa timing: remaining key lifetime (sec): 27819
IV size: 8 bytes
replay detection support: Y
Anti replay bitmap:
0x00000000 0x00000001

Result of the command: "packet-tracer input inside icmp 192.168.1.8 0 0 192.168.0.2"

Phase: 1
Type: FLOW-LOOKUP
Subtype:
Result: ALLOW
Config:
Additional Information:
Found no matching flow, creating a new flow

Phase: 2
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Config:
Additional Information:
in 0.0.0.0 0.0.0.0 outside

Phase: 3
Type: ACCESS-LIST
Subtype:
Result: DROP
Config:
Implicit Rule
Additional Information:

Result:
input-interface: inside
input-status: up
input-line-status: up
output-interface: outside
output-status: up
output-line-status: up
Action: drop
Drop-reason: (acl-drop) Flow is denied by configured rule

0 Replies 0