Site-to-Site VPN Cisco ASA with MX Meraki only one way

Agung1007
Level 1

Hi team,

Just want to ask a question:

What is causing the S2S VPN (HO-ASA, Branch-MX Meraki) to work only one way (for some subnets/IP segments)?

 

From client MX-Branch (10.8.14.x/24): able to reach/ping HO-ASA clients 10.0.210.x/24 & 192.168.27.x/24 ==> OK

From client HO-ASA (10.0.210.x/24): able to reach/ping client MX-Branch 10.8.14.x/24 ==> OK

From client HO-ASA (192.168.27.x/24): UNABLE to reach/ping client MX-Branch 10.8.14.x/24 ==> NOK. What is causing this?

 

Already checked using Packet Tracer on the ASA with source IP 192.168.27.52, dest IP 10.8.14.2: it says ALLOW (same as source IP 10.0.210.20, dest IP 10.8.14.2).

 

Note:

- ASA: FPR2130 in ASA mode, version 9.12.4.48

- MX Meraki: MX95

- On HO-ASA, subnets: 10.0.210.x/24, 192.168.27.x/24

- On Branch-MX, subnet: 10.8.14.x/24

- S2S VPN tunnel already established

7 Replies

Pavan Gundu
Cisco Employee

Please post the entire packet tracer output.

Also, re-verify whether you have any overlapping crypto ACL.

Hi Pavan,

kindly check the attached log, with Packet Tracer source IP (from HO-ASA):

- 192.168.27.52 to 10.8.14.1

- 10.0.210.20 to 10.8.14.1

- sh vpn-sessiondb detail l2l filter ipaddress 117.102.75.130
- show crypto ipsec sa peer 117.102.75.130 detail

While running packet tracer, we ping from the Meraki Dashboard (MX-Meraki) to HO-ASA (192.168.27.x/24 & 10.0.210.x/24) and it replies/is reachable,

but from HO-ASA to MX-Branch it is not reachable.

And already checked: there is no overlapping IP address with other rules/NAT.

 

Thanks.

The multi NAT in packet tracer indicates that there is an issue with routing.

Do packet-tracer again, but this time use

packet-tracer input <outside> .....

i.e. flip the packet tracer direction.

MHM

Hi 

Thanks for the reply.

 

What do you mean, there is an issue with the routing?
Routing on the ASA?

I thought on the ASA there is no need to add routing for S2S VPN traffic?

*As long as the traffic's network is defined in the NAT (local and remote network). I also created S2S networks to other peers (Azure & another ASA) with no added routing on the ASA to the peer VPN.

 

Already tried your suggestion for Packet-Tracer with the Outside interface as source.

The result is deny (I think this is because the Outside network is not included in the NAT; usually I test packet tracer with the Inside interface as source) ==> PFA the attachment.

Until today,

I still haven't found what is causing the issue that from HO-ASA is unable to reach the MX-Branch (Ping Reply),

while from the MX-Branch it is able to reach the HO-ASA (Ping no Reply).

 

Thanks, 

Best Regards.

Did you configure sysopt connection permit-vpn in the ASA?

MHM

No,

As far as I know,

I have not configured sysopt connection permit-vpn in the ASA.

 

Check it with

show run all

If this feature is not enabled then you will face drops in VPN traffic.

MHM
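The ASA commands behind the two suggestions in this thread (checking sysopt connection permit-vpn, and running packet-tracer in the reverse direction from the outside interface), collected as an added example; this is not output or configuration from the original posters. The interface name "inside", the hostname "HO-ASA" and the host addresses reuse the values given in the question; the peer address is the one quoted in the poster's show commands. The expected-output lines in comments describe what the commands report in general, not a capture from this deployment.

```cisco
! Added example, not from the thread. Hostname "HO-ASA" and interface name "inside" are assumptions.

! 1) The sysopt check MHM asks about. "show run all" prints defaults as well,
!    so the line is present either way; filter it down to the one that matters.
HO-ASA# show run all sysopt | include permit-vpn
! Expected either:   sysopt connection permit-vpn      (decrypted VPN traffic bypasses the
!                                                       outside interface access-list)
! or:                no sysopt connection permit-vpn   (decrypted VPN traffic must ALSO be
!                                                       allowed by the outside interface ACL)
! In the second case an outside ACL that permits 10.0.210.0/24 but not 192.168.27.0/24
! produces exactly the one-subnet, one-direction symptom described above. To enable:
HO-ASA(config)# sysopt connection permit-vpn

! 2) The "flipped" packet-tracer: simulate the branch's ICMP echo ARRIVING at the
!    outside interface, instead of a host on inside sending one out.
!    Syntax: packet-tracer input <ifc> icmp <src> <icmp-type> <icmp-code> <dst> [detailed]
HO-ASA# packet-tracer input outside icmp 10.8.14.2 8 0 192.168.27.52 detailed
!    and the original direction for comparison:
HO-ASA# packet-tracer input inside icmp 192.168.27.52 8 0 10.8.14.2 detailed
! Compare the NAT phase in both outputs: the 192.168.27.0/24 <-> 10.8.14.0/24 flow should hit
! the same identity (no-NAT) rule as the 10.0.210.0/24 flow, not a dynamic PAT rule.

! 3) Confirm the NAT exemption and the route the VPN traffic relies on.
HO-ASA# show nat detail | include 192.168.27|10.8.14
HO-ASA# show route | include 10.8.14
! The remote subnet needs to be reachable via the interface the crypto map is applied to
! (normally covered by the default route). A more specific route pointing elsewhere
! steers the traffic away from the tunnel.

! 4) Check that a separate IPsec SA exists for 192.168.27.0/24 and that it shows BOTH
!    encaps and decaps counters increasing, not only one of them.
HO-ASA# show crypto ipsec sa peer 117.102.75.130 | include local ident|remote ident|#pkts
```

If the SA for 192.168.27.0/24 shows decaps but no encaps, the ASA is receiving the branch's packets but never encrypting the replies, which points at NAT, ACL or routing on the ASA; if it shows encaps but no decaps, the ASA is sending and the branch MX is not returning, which points at the MX side (its list of allowed remote subnets and its firewall rules for the VPN).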