
VPN site-to-site trouble

igor.hamzic
Level 1

Hi. I'm creating a VPN site-to-site tunnel between two locations (one under my control, the other side is controlled by a business partner). On my side I have an ASA 5510 Version 8.2(3).

I have entered the configuration through the CLI and when I wanted to test the configuration through packet tracer (because the other side isn't configured yet) it says the following:

Drop-reason: (acl-drop) Flow is denied by configured rule

I think I got everything right but no matter what I cannot get a pass through the packet tracer. It seems that an ACL is dropping the traffic, at least that is my interpretation. The trouble is I don't think that is correct as on my inside interface all traffic is allowed.

My VPN config is as follows (relevant info only):

access-list crypto_ACL extended permit ip x.x.x.x 255.254.0.0 y.y.y.y 255.255.255.0
access-list inside_nat0_outbound extended permit ip x.x.x.x 255.254.0.0 y.y.y.y 255.255.255.0
nat (inside) 0 access-list inside_nat0_outbound
crypto isakmp policy 70
 authentication pre-share
 encryption aes-256
 hash sha
 group 5
 lifetime 86400
crypto map VPN 120 match address crypto_ACL
crypto map VPN 120 set pfs group5
crypto map VPN 120 set peer x.x.x.x
crypto map VPN 120 set transform-set X_transform
crypto ipsec transform-set X_transform esp-aes esp-sha-hmac
tunnel-group x.x.x.x type ipsec-l2l
tunnel-group x.x.x.x ipsec-attributes
 pre-shared-key *********

Any help on this would be most welcome.

4 Replies

mvsheik123
Level 7

Hi Igor,

Two things in relation to the VPN config:

1. Have you enabled isakmp on outside interface?

2. You need to apply crypto map 'VPN' to outside interface.

http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/vpn_site2site.html

If all are in place and you still see the ACL deny, then it may relate to a different IP source.

hth

MS
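The two checks in the reply above (crypto map bound to an interface, isakmp enabled on that interface), plus the nat 0 exemption and tunnel-group consistency a site-to-site config on ASA 8.2 needs, can be run mechanically over a saved running-config. The following is an added example written for this thread, not code from the thread or from Cisco. The sample config is constructed: it is the poster's fragment with the x/y placeholders replaced by RFC 5737 documentation addresses, and the `crypto map ... interface` and `crypto isakmp enable` lines are hypothetical additions used to show the difference between a fragment that fails the checks and one that passes. The parser only understands `access-list ... permit ip <net> <mask> <net> <mask>` entries; `host`/`any` forms are ignored.

```python
import re
from typing import Dict, List, Set, Tuple

# Constructed sample: the poster's "relevant info only" fragment with
# documentation addresses substituted. Not a real device configuration.
FRAGMENT = """\
access-list crypto_ACL extended permit ip 10.0.0.0 255.254.0.0 192.0.2.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 10.0.0.0 255.254.0.0 192.0.2.0 255.255.255.0
nat (inside) 0 access-list inside_nat0_outbound
crypto isakmp policy 70
 authentication pre-share
 encryption aes-256
 hash sha
 group 5
 lifetime 86400
crypto map VPN 120 match address crypto_ACL
crypto map VPN 120 set pfs group5
crypto map VPN 120 set peer 203.0.113.10
crypto map VPN 120 set transform-set X_transform
crypto ipsec transform-set X_transform esp-aes esp-sha-hmac
tunnel-group 203.0.113.10 type ipsec-l2l
tunnel-group 203.0.113.10 ipsec-attributes
 pre-shared-key *****
"""

# Hypothetical lines the reply asks about; "outside" is an assumed interface name.
BINDING = "crypto map VPN interface outside\n"
ISAKMP = "crypto isakmp enable outside\n"


def lint_l2l_vpn(config: str) -> List[str]:
    """Return human-readable findings for the site-to-site pieces of an ASA 8.2-style config."""
    acls: Dict[str, List[Tuple[str, str]]] = {}      # name -> [(src net mask, dst net mask)]
    nat0_acls: Set[str] = set()                       # ACLs referenced by "nat (...) 0"
    map_iface: Dict[str, str] = {}                    # crypto map name -> interface
    isakmp_ifaces: Set[str] = set()                   # interfaces with isakmp enabled
    entries: Dict[Tuple[str, str], Dict[str, str]] = {}  # (map, seq) -> {keyword: value}
    transform_sets: Set[str] = set()
    l2l_groups: Set[str] = set()                      # peers with an ipsec-l2l tunnel-group

    for raw in config.splitlines():
        s = raw.strip()
        if m := re.match(r"access-list (\S+) extended permit ip (\S+ \S+) (\S+ \S+)$", s):
            acls.setdefault(m[1], []).append((m[2], m[3]))
        elif m := re.match(r"nat \(\S+\) 0 access-list (\S+)$", s):
            nat0_acls.add(m[1])
        elif m := re.match(r"crypto map (\S+) interface (\S+)$", s):
            map_iface[m[1]] = m[2]
        elif m := re.match(r"crypto isakmp enable (\S+)$", s):
            isakmp_ifaces.add(m[1])
        elif m := re.match(r"crypto map (\S+) (\d+) (match address|set peer|set transform-set) (\S+)$", s):
            entries.setdefault((m[1], m[2]), {})[m[3]] = m[4]
        elif m := re.match(r"crypto ipsec transform-set (\S+) ", s):
            transform_sets.add(m[1])
        elif m := re.match(r"tunnel-group (\S+) type ipsec-l2l$", s):
            l2l_groups.add(m[1])

    findings: List[str] = []
    nat0_entries = {e for name in nat0_acls for e in acls.get(name, [])}

    # Checks 1 and 2 from the reply: map bound to an interface, isakmp enabled there.
    for name in sorted({n for n, _ in entries}):
        if name not in map_iface:
            findings.append(f"crypto map {name} is not applied to any interface")
        elif map_iface[name] not in isakmp_ifaces:
            findings.append(f"isakmp is not enabled on {map_iface[name]}, where crypto map {name} is applied")

    # Per-entry checks: crypto ACL exists and is mirrored by a nat 0 exemption (8.2 NAT model),
    # the peer has an ipsec-l2l tunnel-group, and the transform-set is defined.
    for (name, seq), e in sorted(entries.items()):
        tag = f"crypto map {name} {seq}"
        acl = e.get("match address")
        if acl is None or acl not in acls:
            findings.append(f"{tag}: match-address ACL {acl!r} is missing or has no permit ip entries")
        else:
            for src, dst in acls[acl]:
                if (src, dst) not in nat0_entries:
                    findings.append(f"{tag}: no nat 0 exemption for {src} -> {dst}")
        peer = e.get("set peer")
        if peer is None:
            findings.append(f"{tag}: no peer set")
        elif peer not in l2l_groups:
            findings.append(f"{tag}: no 'tunnel-group {peer} type ipsec-l2l'")
        ts = e.get("set transform-set")
        if ts is None or ts not in transform_sets:
            findings.append(f"{tag}: transform-set {ts!r} is not defined")
    return findings


if __name__ == "__main__":
    for label, cfg in (("fragment", FRAGMENT), ("complete", FRAGMENT + BINDING + ISAKMP)):
        print(f"[{label}] findings:", lint_l2l_vpn(cfg) or "none")
```

Run against the fragment alone it reports only that the map is not applied to an interface; with the two extra lines it reports nothing, which matches the poster's later statement that both were already in place on the real device. Changing the destination in the nat0 ACL so it no longer mirrors the crypto ACL produces a "no nat 0 exemption" finding, which is the other common cause of traffic never reaching the crypto map on 8.2.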

The crypto map is applied to the outside interface and isakmp is enabled on the outside interface. Other VPN tunnels are working all right.

Then I would configure the other end and see if there is any issue in passing the traffic across the tunnel.

Thx

MS

The network administrator for the other side of the VPN tunnel contacted me and it seems that the problem is on the other side.

Thanks for your help.