Cannot get Dynamic L2L tunnel working with 2 x Cisco ASA 5505

I have a main location with a static IP + ASA 5505, and a second location with a dynamic IP + ASA 5505. I have never done a dynamic tunnel before, so im not sure what i missed. Attached are the scrubbed configs - thx for the help.
Note: There is an IP phone on the Dynamic side that connects to the main office phone system. Now, eventhough the VPN Tunnel is not up, it ONLY works when plugged into the LAN @ the corporate office, OR on the remote network behind the ASA - it will not work from any other internet connection - and im absolutely positive it's connecting via LAN IP and not Public IP, which is strange.
ASA-Corp-office--static-IP-.txt
LVL 1
mhdcommunicationsAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
max_the_kingConnect With a Mentor Commented:
Hi,

you need to add the following:

access-list l2l-vpn extended permit ip 192.168.10.0 255.255.255.0 192.168.20.0 255.255.255.0

crypto map dyn-map 10 match address l2l-vpn

on the other side of the tunnel you need to do the "reverse" implementation (assuming your naming convention on vpn config is mirrored, otherwise change accordingly):

access-list l2l-vpn extended permit ip 192.168.20.0 255.255.255.0 192.168.10.0 255.255.255.0

hope this helps
max
crypto map dyn-map 10 match address l2l-vpn
0
 
mhdcommunicationsAuthor Commented:
Also
crypto isakmp enable outside
Thx.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.