Site to Site VPN - cannot ping

All,

I created a vpn tunnel between my office (Cisco ASA 5520) and home (SonicWall TZ 170 StandardOS)using 3DES MD5, Aggressive Mode and PFS.  My home network is using 192.168.90.0/24 and is connected to the OPT port of the Sonicwall.  My office LAN is 10.60.0.0/16 and 10.50.0.0/16.  The VPN tunnel is established however I cannot ping across and all my settings look correct.  Any ideas?
bigz71Asked:
Who is Participating?
 
CCIE8122Commented:
sorry, dont need the trailing "sa."  should be

debug crypto isakmp
debug crypto ipsec

(you can abbreviate these if you wish)

also make sure you are logging to the console:

logging on
logging monitor debugging
terminal monitor

when you are done:

undebug all
0
 
dlan75Commented:
Hi,
I guess you connect from home to your office.
How do you connect ? Do you use the Cisco VPN client ? When you are connected, can you check your IPs to see if you get a new one from your vpn ?
0
 
CCIE8122Commented:
Umm, he is doing site-to-site, not RAS VPN.

Can you post debug output of the following on the ASA:

deb cry is sa
deb cry ip sa

Without that, it is nearly impossible to say what the issue is.

kr
0
 
bigz71Author Commented:
CCIE8122,

I'm still new with Cisco and not exactly sure how to use the debug commands.  I ran the commands you asked and get an error the command is not found.

fw# debug cry is sa
                 ^
ERROR: % Invalid input detected at '^' marker.
fw#

0
 
bigz71Author Commented:
I was able to fix the problem by recreating the VPN tunnel.  Thanks for your help and points will be awarded to you.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.