Solved

2nd vlan connected to inside interface of Cisco ASA not connecting over Site to Site tunnel

Posted on 2010-09-14
528 Views
Last Modified: 2012-05-10
Hello All,

I have a Cisco ASA that has two vlans connected to it on the inside through trunking. I am trying to get both to route over the Site to Site VPN tunnel. So far the first vlan, called Baroda, can connect fine over the tunnel, but the second only pings across but does not route TCP or UDP traffic. I am trying to figure out why. Any suggestions?
ASA-with-2-vlans-connected.txt
Question by:greenbeanx81
5 Comments
 
LVL 5

Expert Comment

by:Ioannis_Avgeros
ID: 33677739
Check if you're missing any route inside command for that specific vlan.
0
 

Author Comment

by:greenbeanx81
ID: 33677818
Would I need route inside for trunking interfaces? The interfaces are on the same network?
0
 
LVL 11

Expert Comment

by:crouthamela
ID: 33678061
The config looks good, maybe it is an ACL issue at Acacia?
0
 
LVL 5

Expert Comment

by:Ioannis_Avgeros
ID: 33678090
You could try to remove any deny ACLs temporarily and test it.
0
 
LVL 5

Accepted Solution

by:
Ioannis_Avgeros earned 500 total points
ID: 33678109
Check this out: It seems similar even though it's not about Site-to-Site and one of your vlans works and it's just the other one that doesn't. Perhaps if you shared part of your config something might come up.

https://supportforums.cisco.com/message/3014664


22.  Feb 23, 2010 6:54 AM  in response to: Edwin Kok
Re: ASA 5505 Trunk / intervlan routing issue

Just realized that you have an inbound ACL on the inside interface. Can you add the following and try again (clear logging buffer first)? If it is not working, check the log to see if anything is on it.

 

access-list acl_in extended permit icmp any any

0
