Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
261
Views
0
Helpful
1
Replies

Multi-site VPN on ASA

wedwardsvt
Level 1
Level 1

‎07-11-2014 10:49 AM

I have kind of a unique architecture and need to terminate an IPSEC VPN on the inside interface of an ASA and then route the traffic out a second VPN tunnel that terminates on the outside interface.  I have both tunnels up at this point but I'm having trouble getting the traffic to route through the two VPN's.  I.e. I'm seeing transmitted packets on one of the tunnels with no received and the exact opposite on the other.

Labels:
0 Helpful
1 Reply 1

SANTHOSHKUMAR SARAVANAN
Level 4
Level 4

‎07-11-2014 11:12 AM

Hi ,

 On your case only phase 1 tunnel will be up . "Show crypto isakmp sa" will show MM_ACTIVE , but phase 2 tunnel shows "show crypto ipsec sa" only one side packet encryption , no packet decryption from other side . 

Check you crypto access-list , similarly interesting traffic must be connected or statically routed behind ASA interface .  

 

HTH

Sandy

0 Helpful
Customers Also Viewed These Support Documents