10-03-2017 12:15 PM - edited 03-12-2019 04:35 AM
Hello,
I have a site to site vpn that has been setup about a few months ago. I just realized that the layer 3 switch connected to the ASA 5505 (Site A) is unable to ping a VLAN (229) that resides at Site B. I have two other switches that are trunked to this particular layer 3 switch and these two switch are able to ping VLAN 229 just fine. I don't understand why these two switch are able to ping 192.168.229.1 and the layer 3 switch is unable. When I do a traceroute from the layer 3 switch it takes me out to the internet and not through the VPN. Also when I'm at Site A and plug my laptop to a switchport that is in VLAN 234 I can ping VLAN 229 just fine and when I am at Site B I am able to ping VLAN 234 just fine. So I figure it has something to do with the ASA since my traceroute tells me that it's not going through the VPN.
Site A
Cisco ASA Inside Interface = 10.0.0.1/30
Switch 1 (Layer 3)
Interface to ASA = 10.0.0.2/30
VLAN 234 = 192.168.234.1/24
ip route 0.0.0.0 0.0.0.0 10.0.0.1
Site B
Switch 1 (Layer 3)
VLAN 229 = 192.168.229.1/24
Solved! Go to Solution.
10-03-2017 12:35 PM
10-03-2017 12:24 PM
10-03-2017 12:29 PM
Ok, that worked using an extended ping. However, my radius server resides on VLAN 229 (192.168.229.95) and that layer 3 switch does not know how to reach 229.95. Could it be a routing issue with the layer 3 switch?
10-03-2017 12:35 PM
10-03-2017 12:39 PM
You sir, are the man! Thanks!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide