Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
740
Views
1
Helpful
3
Replies

Unable to access web server with L2L VPN with ASA 5505

Translator
Community Manager
Community Manager

‎03-22-2023 11:11 PM - last edited on ‎03-23-2023 07:32 AM by Community Manager

We are in the middle of deploying an application and we realize the web server (Ubuntu apache) is not accessible through the site-to-site L2L VPN with ASA 5505s and yet the vpn is up. Is it possible to look at the configurations I have. I didn't set it up.

I have attached the configuration of both ASAs

Preview file
6 KB
Preview file
11 KB
3 Replies 3

BlakeBratu
Cisco Employee
Cisco Employee

‎03-24-2023 08:29 PM

Are you able to ping the webserver through the S2S VPN?

0 Helpful

MHM Cisco World
VIP
VIP

‎03-25-2023 06:21 AM 

Remote-ASA#packet-tracer input inside icmp 192.168.68.100 8 0 192.168.0.100 detailed

please share the output of packet-tracer above  

0 Helpful

Jeet Kumar
Cisco Employee
Cisco Employee

‎06-20-2023 03:25 AM

Hi Jimena,

I am not sure if it is already answered or if the issue is already fixed. If not, then I reviewed your configuration and it seems on ASA 2 you have a static VPN tunnel and on ASA1 you have a dynamic VPN tunnel. If the issue is still not resolved, please share the following output and i will try my best to help you out:

  • Show crypto isakmp sa
  • Show crypto ipsec sa
  •  show vpn-sessiondb detail l2l

 

 

0 Helpful
Customers Also Viewed These Support Documents