2nd vlan connected to inside interface of Cisco ASA not connecting over Site to Site tunnel

Posted on 2010-09-14
Last Modified: 2012-05-10
Hello All,

I have a Cisco ASA that has two vlans connected to it on the inside through trunking. I am trying to get both to route over the Site to Site VPN tunnel. So far the first vlan, called Baroda, can connect fine over the tunnel, but the second only pings across and does not route TCP or UDP traffic. I am trying to figure out why. Any suggestions?
ASA-with-2-vlans-connected.txt
Question by:greenbeanx81
Expert Comment

by:Ioannis_Avgeros
ID: 33677739
Check if you're missing any route inside command for that specific vlan.

Author Comment

by:greenbeanx81
ID: 33677818
Would I need route inside for trunking interfaces? The interfaces are on the same network?

Expert Comment

by:crouthamela
ID: 33678061
The config looks good, maybe it is an ACL issue at Acacia?

Expert Comment

by:Ioannis_Avgeros
ID: 33678090
You could try to remove any deny ACLs temporarily and test it.

Accepted Solution

by:Ioannis_Avgeros
ID: 33678109
Check this out: It seems similar even though it's not about Site-to-Site and one of your vlans works and it's just the other one that doesn't. Perhaps if you shared part of your config something might come up.

https://supportforums.cisco.com/message/3014664


22.  Feb 23, 2010 6:54 AM  in response to: Edwin Kok
Re: ASA 5505 Trunk / intervlan routing issue

Just realized that you have an inbound ACL on the inside interface. Can you add the following and try again (clear logging buffer first)? If it is not working, check the log to see if anything is on it.

 

access-list acl_in extended permit icmp any any
