• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 825
  • Last Modified:

Site to Site VPN - cannot ping

All,

I created a vpn tunnel between my office (Cisco ASA 5520) and home (SonicWall TZ 170 StandardOS)using 3DES MD5, Aggressive Mode and PFS.  My home network is using 192.168.90.0/24 and is connected to the OPT port of the Sonicwall.  My office LAN is 10.60.0.0/16 and 10.50.0.0/16.  The VPN tunnel is established however I cannot ping across and all my settings look correct.  Any ideas?
0
bigz71
Asked:
bigz71
  • 2
  • 2
1 Solution
 
dlan75Commented:
Hi,
I guess you connect from home to your office.
How do you connect ? Do you use the Cisco VPN client ? When you are connected, can you check your IPs to see if you get a new one from your vpn ?
0
 
CCIE8122Commented:
Umm, he is doing site-to-site, not RAS VPN.

Can you post debug output of the following on the ASA:

deb cry is sa
deb cry ip sa

Without that, it is nearly impossible to say what the issue is.

kr
0
 
bigz71Author Commented:
CCIE8122,

I'm still new with Cisco and not exactly sure how to use the debug commands.  I ran the commands you asked and get an error the command is not found.

fw# debug cry is sa
                 ^
ERROR: % Invalid input detected at '^' marker.
fw#

0
 
CCIE8122Commented:
sorry, dont need the trailing "sa."  should be

debug crypto isakmp
debug crypto ipsec

(you can abbreviate these if you wish)

also make sure you are logging to the console:

logging on
logging monitor debugging
terminal monitor

when you are done:

undebug all
0
 
bigz71Author Commented:
I was able to fix the problem by recreating the VPN tunnel.  Thanks for your help and points will be awarded to you.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now