Solved

ASA 5520 VPN to 5510 PTP

Posted on 2011-02-23
6
380 Views
Last Modified: 2012-05-11
Using IOS 8.4(1)

Was working just fine before the IOS was updated to newest 8.4(1) from 8.2(1)

Connecting ASA 5520 to the ASA 5510...

 anyone else have this issue?
0
Comment
Question by:alexr54
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 35

Accepted Solution

by:
Ernie Beek earned 500 total points
ID: 34959412
The thing could be that from version 8.3 Cisco made some huge changes in the nat functionality. I think you might want to manually review the setup to check. There might be something messed up there.

Have a look at: http://www.cisco.com/en/US/docs/security/asa/asa83/upgrading/migrating.html#wp83968
That might help you.
0
 
LVL 4

Expert Comment

by:Kendzast
ID: 34959414
I don't understand your scenario. Can you post something more?
0
 
LVL 2

Author Comment

by:alexr54
ID: 34959472
We decided to revert back to the older IOS. Will revisit this shortly.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 35

Expert Comment

by:Ernie Beek
ID: 34959498
Ok, anything before 8.3 should be ok.
0
 
LVL 2

Author Comment

by:alexr54
ID: 34959690
whats happening is VPN is connected, but seems no pass through traffic is allowed...
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 34959723
That could be the access-lists that are used to match the traffic that is permitted to go through the tunnel or the lists that are used for the nat exempts (no nat) for the traffic going through the tunnel. As said before, I suspect it has to do with the latter.

If possible, the easiest way might be to set up a new site2site VPN using the wizard in ASDM and be done with it.
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you have an ASA5510 then this sort of thing would be better handled with a CSC Module, however on an ASA5505 thats not an option, and if you want to throw in a quick solution to stop your staff going to facebook during work time, then this is the…
You deserve ‘straight talk’ from your cloud provider about your risk, your costs, security, uptime and the processes that are in place to protect your mission-critical applications.
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question