Dears i confugre the below on my ASA
access-list ACL_PROXY_ACL extended permit ip 10.10.10.10 255.255.255.255 44.44.44.44 255.255.255.255
!
crypto ipsec ikev1 transform-set TSET_TO_BRANCH esp-aes 256 esp-sha256-hmac
!
crypto map CMAP_VPN 10 match address ACL_PROXY_ACL
crypto map CMAP_VPN 10 set peer xx.xx.xxx.xx
crypto map CMAP_VPN 10 set ikev1 transform-set TSET_TO_BRANCH
crypto map CMAP_VPN interface OUTSIDE
!
crypto ikev1 enable OUTSIDE
!
crypto ikev1 policy 10
authentication pre-share
encryption aes
hash md5
group 5
lifetime 86400
!
!
tunnel-group xx.xx.xxx.xx type ipsec-l2l
tunnel-group xx.xx.xxx.xx ipsec-attributes
ikev1 pre-shared-key CISCO
xx.xx.xxx.xx my peer
please i have a problem that the tunnel didn't get up..
so where is the problem, any nat rule must i add ?
thanks