Solved

Site to site VPN

Posted on 2007-11-29
2
599 Views
Last Modified: 2008-10-14
I am setting up a test with 2 windows xp pcs and 2 Cisco ASA 5510 appliances. I have the 2 ASA devices connected togethe via ethernet and the 2 windows pcs are plugged directly into the respective ASA firewalls.

I should be able to ping the remote PC and get a reply, but it doesnt seem to be working. Followed the wizard, the only thing I can think of is that the device didnt come with a liscense for VPN.
0
Comment
Question by:dwarner8
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 28

Accepted Solution

by:
batry_boy earned 250 total points
ID: 20374798
The ASA comes with VPN functionality built in, both for remote access and site-to-site VPN capability...no special licensing required.

Have you verified that the VPN tunnel is up?  From the command line interface, you can issue the command:

sh cryp is sa

and it will say something similar to the following if the tunnel is up:

1   IKE Peer: xxx.xxx.xxx.xxx
    Type    : user            Role    : responder
    Rekey   : no              State   : MM_ACTIVE
2   IKE Peer: xxx.xxx.xxx.xxx
    Type    : user            Role    : responder
    Rekey   : no              State   : MM_ACTIVE

If the tunnel is up, then you should be able to ping the other client PC as long as the crypto access list is correct.  Post the output of both the following commands to further troubleshoot:

sh cryp is sa
sh cryp ip sa
0
 
LVL 1

Author Comment

by:dwarner8
ID: 21323552
THanks
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We sought a budget ($5,000) firewall solution that would provide all the performance we needed with no single point of failure.  Hosting a SAAS web application in our datacenter, it was critical that we find a way to keep connectivity up and inbound…
Network traffic routing plays key role in your network, if you have single site with heavy browsing or multiple sites, replicating important application data from your Primary Default Gateway ,you have to route your other network traffic from your p…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question