We have an ASA running 8.2(3) and have two site-to-site VPNs running on it. The second VPN we just established the other day and, from the ASA itself, it appears to be working. We are able to ping remote hosts from the ASA without issue. However, on this second VPN any hosts on our LAN cannot reach the remote side... Trying to figure out what might be going on. Applicable config below (please forgive errors and formatting):
interface Ethernet0/0
nameif outside
security-level 0
ip address WAN.IP.ADDR 255.255.255.224
!
interface Ethernet0/1
nameif inside
security-level 100
ip address 192.168.21.1 255.255.255.0
!
interface Ethernet0/2
shutdown
nameif intf2
security-level 0
no ip address
!
interface Ethernet0/3
shutdown
no nameif
no security-level
no ip address
!
interface Management0/0
shutdown
nameif management
security-level 100
no ip address
management-only
!
access-list outside_cryptomap extended permit ip 192.168.21.0 255.255.255.0 10.50.50.0 255.255.255.0
access-group acl_out in interface outside
crypto ipsec transform-set ATLAS-TS esp-3des esp-sha-hmac
crypto ipsec security-association lifetime seconds 28800
crypto map mymap 2 match address outside_cryptomap
crypto map mymap 2 set peer PEER.WAN.IP.ADDR
crypto map mymap 2 set transform-set ATLAS-TS
crypto map mymap 65535 ipsec-isakmp dynamic dynmap
crypto map mymap interface outside
crypto isakmp identity address
crypto isakmp enable outside
crypto isakmp policy 5
authentication pre-share
encryption 3des
hash sha
group 2
crypto isakmp nat-traversal 10
tunnel-group PEER.WAN.IP.ADDR type ipsec-l2l
tunnel-group PEER.WAN.IP.ADDR ipsec-attributes
pre-shared-key *****