06-28-2015 11:57 PM
Hello,
I have set up a Site-2-Site VPN connection with an ISA570.
The VPN-Tunnel is working, the opposite side can use the connection, but our local network is completely blocked. Not even a ping to the ISA is possible.
Can anyone give a hint how to handle the blocking of the local LAN?
Thanks in advance.
07-06-2015 03:08 AM
What way is the VPN set up?
07-07-2015 04:06 AM
I used the Site-to-Site VPN Wizard for setup.
We use a Pre-Shared key.
The local net is 192.168.5.0/26
The remote net is 10.189.88.0/21
PFS and DPD are enabled, the D-H-Group is 14, Encryption is AES_256, Hash is SHA1.
All is cleared with the remote site, the VPN is up and can be used by the remote site. Only our local net is "blocked".
07-08-2015 01:36 AM
Are you using interface ACLs?
07-12-2015 11:12 PM
I disabled all ACLs for testing. There was no change in behaviour.
07-27-2015 04:19 AM
Again, are you using a Cisco ASA or ISA 570?
I suspect this is either a NAT issue or a full domain encryption issue. Either way, we need more config to review before figuring this out.
07-27-2015 06:15 AM
As I wrote in my question, it's an ISA570.