ASA 5505 L2L IPSEC VPN setup user can't see remote side
Posted on 2008-11-09
I have two ASA 5505s communicating via cable. Site A is the central office. The local LAN at site A is 192.168.0.0/24. Site A is connected via T1s to other remote sites; they are addressed 192.168.4.0/24 and 192.168.5.0/24. Site B is a remote office with a local LAN of 192.168.14.0/24.
The VPN between the sites comes up, and the IP phones at Site B load OK from the Call Manager at Site A. I am able to make and receive calls but this appears to be the only traffic that is allowed.
From Site A I cannot ping the inside address of Site B. Site A can ping addresses on the Internet and any of the other subnets.
Site B cannot ping the inside address of Site A or any of the other subnets behind it. Site B can ping addresses on the Internet.
Site B cannot resolve hostnames from the DNS server at Site A.
Site A can see the web page from a printer on Site B, but other apps like Apple Remote Desktop don't work.
Users on Site B cannot see anything on Site A or other subnets.
I have added what I thought were the appropriate access-list entries but nothing changes.
What should I be doing to debug this? Or, if you've seen this problem before, could you point me towards the resolution?
I am at a loss for what to try next. I will post a show run from either or both sides if needed. Your help is greatly appreciated.