• Status: Solved
  • Priority: Medium
  • Security: Public

Lost connect to external network after creating site to site vpn

I have several machines hosted at an external data center. I had access to them. I then created a site-to-site VPN to the site and can no longer ping them. Even when I take the site-to-site VPN out of the ASA, I cannot get to them. The ASA can still ping the hosts, but anything behind the ASA cannot.
Asked by: dmwynne
1 Solution
 
jmeggers (Sr. Network and Security Engineer) Commented:
Is the ASA advertising a route to the inside to get to the servers at the other end? How were you getting to the servers prior to the VPN tunnel? Did you change the configuration on the other end, and is it possible it's still trying to encrypt the traffic?
 
dmwynne (Author) Commented:
I was getting to the machines via the internet; they all have external IPs and I had specific ports open. I did change the config on the other end. Currently the site-to-site is up but I can't get to those external IPs at all.

 
lrmoore Commented:
How did you set up the nat0 access-list for the VPN?
Can you paste your relevant config?
 
dmwynne (Author) Commented:
This was a routing issue on the remote side.  Needed to add routes on the remote firewall to the internal networks.
 
dmwynne (Author) Commented:
Routing issue on the Juniper end.
Question has a verified solution.
