Hi All,
I have a bit of a strange one that I can't seem to figure out.
I have the following set-up -
Management Station Orion > LAN > Inside ASA > LAN > Internet Router > Cloud > ISP Router > Threat Management Gateway > Customer's LAN ABC
The text in Red is managed by my company and is in our Data Centre. The Cisco ASA's outside interface is natted from a Public IP that peers to the remote site to site VPN with the Microsoft TMG. The text in Blue is managed by the ISP, and the text in Green is company ABC that has just been installed.
The VPN tunnel comes up on the Cisco ASA in the Data Centre and establishes Phase 1 & 2 with the remote peer, but no packets are decrypted on the return path from the Threat Management Gateway. See doc ABC ASA config.rtf
Management subnet (192.151.138.0) - Remote Peer (194.x.x.65) - Subnet being monitored (172.29.34.x)
We can see the tunnel establishing, the traffic coming in from the TMG and being returned again back to the Orion Management station 192.161.128.x (Orion) to 172.29.34.x (Loopback for SNMP). See attached Packet Capture.
Any pointers on ASA to TMG debugging, trace files on the TMG, etc. would be greatly appreciated.
Regards,
James