I configured a IPSec Site to Site VPN between 2 Cisco ASA 5515X on ASA 9.4.1.
After configuration, on remote site, I got this erreur "Deny inbound protocol 50 src outside: central@IP dst outside: remote@IP."
I had to "enable traffic between two or more hosts connected to the same interface" to make it working...
Is this normal?
Thanks for your help,
Protocol 50 means ESP which is blocked.
If you can provide more information about the interfaces then only we can understand clearly.
I thought Cisco ASA would unblock ESP 50 automatically for the peer I configured for Site to Site on IKEv2...
2 Cisco ASA are on Internet and communicate with their outside interfaces
Which information do you want?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: