?
Solved

Lan 2 Lan tunnel not coming up

Posted on 2008-10-27
5
Medium Priority
?
356 Views
Last Modified: 2011-10-19
I am having troubles bring up a tunnel. It used to connect  to our cisco 3030 and now we have moved it to an ASA 5505... I have attaced the debug log file.
asadebuglog.txt
0
Comment
Question by:axl13
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 32

Expert Comment

by:harbor235
ID: 22822151

Looks fine, whats wrong? Tunnel establishes, how are you testing that it does not work?

Most likely your problem is that you have NAT configured as well and you are not telling your VPN devices not to nat the traffic from your inside LANs. On the ASA you need to setup nat0 to say do not nat from inside1 LAN to inside2 LAN. Can you post your config?

harbor235 ;}
0
 

Author Comment

by:axl13
ID: 22823967
Here is the config
asa.TXT
0
 
LVL 32

Accepted Solution

by:
harbor235 earned 1500 total points
ID: 22824066

NAT is the problem, youo are nat'ng everything, add the following;

nat (inside) 0 access-list NONAT
access-list NONAT permit ip XXX.XXX29.192 255.255.255.192 XXX.XXX75.0 255.255.255.0 (same as the traffci you are encypting)

harbor235 ;}
0
 

Author Comment

by:axl13
ID: 22824346
current we need to do an ssh -l xxx asa to get to the device... How do I assign the xxx on the asa
0
 
LVL 32

Expert Comment

by:harbor235
ID: 22824778


The question you asked dealt with L2L tunnels, is that working? SSH configuration abd operation would be another question. However, if you mean how do you configure a user account on the asa to be used with ssh -l
then you need to use the username x password y command. You also need to generate public and private keys if ssh has never been confgured beofore.

harbor235 ;}
0

Featured Post

Ransomware Attacks Keeping You Up at Night?

Will your organization be ransomware's next victim?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with our Ransomware Prevention Kit!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question