Hello,

Here is my situation :

I'm trying to connect a client VPN IPSec through an ASA 5505 to an other ASA 5505. Actually I can make connection to the VPN but all access are blocked (ping or IP access).

When I use an ISP router directly or at home, I have no problem (ping and IP access follow the firewall rules). Connection and access are allowed.

Schema :

I attached the both configuration to this post

I updated ASA from 8.2.5 to 8.4.6 and finally 9.2.4 recently. Another ASA 5505 v8.2.5 works well in a both way (VPN connection through ASA and connection VPN through ASA1 to this ASA).

I tried many solution to resolve the problem (static nat/ipsec inspection) but I failed to solve it. I tried to see asp drop captured in ASA1 but I had only "nat-xlate-failed" drop reason.

Thank you for your help because I will become crazy...

Olivier,

Ps : sorry for my english...