Just set up a site-to-site VPN between 2 ASA 5520 firewalls in two locations, but the VPN doesn't work even though I see phase 2 completed in the logs. I can't ping across the LANs. Any ideas why this happens?
Could you please share the run configs of both ASAs? There is a big set of things that you should check to make sure the traffic is allowed to go through. You may run a packet tracer in order to see how the packet traverses, and make sure that there is not a NAT statement translating your source IPs to the interface or to other IPs, for example:
Also make sure there is not an inbound ACL applied to the originating interface (access-group); if there is one, add an ACL to allow it. For testing purposes you may use the "Management-access <Interface-name>" command to allow an interface to ping across the VPN; after that, an example:
- ping inside 192.168.1.20
If you can, provide the running configs and the packet tracer; possibly NAT exemption is what you are missing.
Please rate this post and mark it as correct if it helped you. Keep me posted!
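
The checks this answer describes, written out as ASA commands; this is an added example, not part of the original posts. The local LAN 192.168.2.0/24, the /24 mask on the remote side (inferred from the ping target 192.168.1.20), the interface name outside, and the object and ACL names are assumptions.

```cisco
! Added example with constructed values:
!   local LAN  192.168.2.0/24 behind "inside"   (assumed)
!   remote LAN 192.168.1.0/24, host 192.168.1.20 (mask assumed)

! 1. Simulate a LAN-to-LAN ICMP echo (type 8, code 0). In the output, look for
!    a NAT phase that rewrites the 192.168.2.10 source, a DROP result on an
!    ACCESS-LIST phase, and whether a VPN phase with subtype "encrypt" appears.
packet-tracer input inside icmp 192.168.2.10 8 0 192.168.1.20 detailed

! 2. Check the tunnel counters while pinging. "#pkts encaps" staying at 0
!    means local traffic never matches the crypto ACL (often because NAT has
!    already changed the source). Encaps rising with "#pkts decaps" at 0
!    points at the remote ASA or the return path.
show crypto ipsec sa

! 3. Review the NAT rules and any ACL bound to an interface.
show running-config nat
show running-config access-group

! 4a. NAT exemption on ASA 8.3 and later (configuration mode). The trailing
!     no-proxy-arp and route-lookup keywords exist from 8.4(2); omit on 8.3.
object network LOCAL-LAN
 subnet 192.168.2.0 255.255.255.0
object network REMOTE-LAN
 subnet 192.168.1.0 255.255.255.0
nat (inside,outside) source static LOCAL-LAN LOCAL-LAN destination static REMOTE-LAN REMOTE-LAN no-proxy-arp route-lookup

! 4b. NAT exemption on ASA 8.2 and earlier (configuration mode).
access-list NONAT extended permit ip 192.168.2.0 255.255.255.0 192.168.1.0 255.255.255.0
nat (inside) 0 access-list NONAT

! 5. Test from the ASA itself, sourcing the ping from the inside interface.
management-access inside
ping inside 192.168.1.20
```

Use only the step 4 variant that matches the running software version, and apply the mirror-image rule (subnets swapped) on the peer ASA.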