Site to Site VPN with Cisco Security Appliance 5505 Devices

I have 2 Cisco Security Appliance 5505 Devices and 2 locations.  Location 1 (main office) has a stand alone server running DHCP and is a domain controller.  Location 2 (satellite office) has 3 workstations.

I would like to set up a site to site VPN using my Cisco devices so each one of my workstations in the satellite office can join the domain in the main office and obtain IP addresses from the main office DHCP automatically (if possible).

I have access to both devices via SSH or the ASDM interface.  I've tried using the ASDM wizard, but did not have any luck.   I used this documentation to try to set up using the wizard:

I appreciate any feedback. Thanks
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

looks like you are using the right documentation but on the satelite office you will need to setup dhcp of the firewall and give that network a different set of IP's
main office inside interface  Example
Satelite inside interface
dhcpd address interface inside
dhcpd DNS   server in main office
dhcpd enable inside
TechPleaseAuthor Commented:
Currently that is my setup.

Main office:


After running the VPN wizard, I was not able to ping to from one network to the other.( echos are

After running the wizard is there something I need to do in order to initiate the vpn?
can you provide the configs of both ASA's ?
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

TechPleaseAuthor Commented:
Sorry, both of these are remote sites and one of them went down.

They are both backup and I believe I have stripped away all of the old settings.

I've provided an image of the current setup.

I have access to both ASA devices via ASDM or SSH.

Should I use the VPN Wizard, or manually input the settings?  I have limited knowledge of the Cisco terminal, so the ASDM wizard would be ideal.

if you use the wizard it is straight foward you just create your site to site on  each one and the wizard will do the work for you
If you need the command line just let us know or if you have any issues after the wizard just post the config and we can get you whatever you are missing
TechPleaseAuthor Commented:
I just ran through the wizard on both devices.

on the MAIN OFFICE DEVICE I entered the Peer public address of the REMOTE OFFICE, and vice versa at the REMOTE OFFICE.

I am trying to test it by pinging from client to server and it has not worked.  Is there a way to test the VPN tunnel itself?  

Do I need to do anything to initiate the VPN tunnel?
TechPleaseAuthor Commented:
I did "sh run" on each device and posted the output.

I've replaced the public ip addresses with: for Remote Office for Main Office
TechPleaseAuthor Commented:
Would the comcast modem be causing any problems?  

The Cisco documentation I've been using is from one ASA to another without any device in between.  I have setup a DMZ on each network that I assume is bypassing the Comcast Modem, but am I missing something?
TechPleaseAuthor Commented:
I added a nonat rule on both sides and it is now working.

Thanks for the help

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.