• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 410
  • Last Modified:

VPN Site to site

Dear experts

Im having problem with site to site VPN connection IPsec. site A to B

This is a Cisco ASA 5505 im using and after I added connection peer ip as site B in A connection profile, and same encrypion algorithms, and also with NAT rules that allow site B to A, and did the same thing with B, the connection didnt get through... The VPN monitor shows connection: 0 in both site... I didnt also recieve anything error from the log and nothing happens... I dont know why tho, anyone know what is this kind of problem?

ASA: 8.2.(3)
ADSM: 6.3(4)53

Thx for your time.
 
0
Handersson75
Asked:
Handersson75
  • 3
  • 3
2 Solutions
 
Ernie BeekCommented:
Did you also add a rule that matched the traffic that needs to go through the tunnel?
0
 
jmeggersCommented:
First things first -- check your ACLs on both ends of the tunnel to make sure they're mirror images of each other (source A to dest B on one end and source B to dest A on the other end).  Second, have you generated traffic to bring the VPN tunnel up?  

If you have done that, and the VPN should be active, get on the command line and "debug crypto isakmp" to see whether an ISAKMP association is forming.  If that's complete, when you do "show crypto isakmp sa" you should see a listing for the peering showing QM_IDLE as the status.  If you don't see that, something's happening that's causing Phase 1 to fail.  

If you do, then you need to look at "show crypto ipsec sa" to see if traffic is being encrypted.
0
 
Handersson75Author Commented:
i got respond there are no isakmp sas... when i wrote it in CLI
0
Configuration Guide and Best Practices

Read the guide to learn how to orchestrate Data ONTAP, create application-consistent backups and enable fast recovery from NetApp storage snapshots. Version 9.5 also contains performance and scalability enhancements to meet the needs of the largest enterprise environments.

 
Ernie BeekCommented:
It might be handy if you post your sanitized configs here. I think that way its easier for us to help you.
0
 
Handersson75Author Commented:
Problem solved, it was my stupid misstake, I forgot to add the crypto mapp in the site to site, now its working, I will give the points tho to you guys that try to help me with this.

Thank you very much.
0
 
Handersson75Author Commented:
Find the problem.
0
 
Ernie BeekCommented:
Well Thx for the points, good you found it :)
0

Featured Post

Veeam and MySQL: How to Perform Backup & Recovery

MySQL and the MariaDB variant are among the most used databases in Linux environments, and many critical applications support their data on them. Watch this recorded webinar to find out how Veeam Backup & Replication allows you to get consistent backups of MySQL databases.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now