Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
844
Views
0
Helpful
2
Replies

"ASA VPN/IPsec with BGP Configuration Example" Issues

Ralphy006
Level 1
Level 1

‎10-08-2015 06:02 PM - edited ‎02-21-2020 08:29 PM

Has anyone gotten this setup to work?

http://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/118835-config-asa-00.html

 

I have it labbed out, and I am able to bring up VPN tunnel, a BGP neighborship, and routes propagate.

 

I see the routes for 172.16.20.0/24 and 172.16.30.0/24 on both devices. But, the subnets are unable to communicate.

 

Does 172.16.20.0/24 and 172.16.30.0/24 need to be added to the crypto map? Or should 172.16.20.0/24 and 172.16.30.0/24 be able to communicate through the tunnel without be explicitly added, relying on the BGP relationship?

 

Any help would be great, much thanks!

 

Labels:
0 Helpful
2 Replies 2

rvarelac
Level 7
Level 7

‎10-09-2015 01:52 PM

Hi Ralph, 

 

I recommend you to check the routing table of each device "show route ", also a packet-tracer will be helpful as well. Maybe an ACL or rule is dropping this traffic. 

 

Example:

 

packet-tracer input inside icmp <src IP > 8 0 <dst IP > detailed 

 

 

Hope it helps 

- Randy- 

0 Helpful

mvsheik123
Level 7
Level 7
In response to rvarelac

‎10-09-2015 06:53 PM

Hi,

You need to have Nonat rules on both end and ACL added to crypto rules.

hth

MS

0 Helpful
Customers Also Viewed These Support Documents