Link to home
Create AccountLog in
Avatar of MISLtd
MISLtdFlag for United Kingdom of Great Britain and Northern Ireland

asked on

ASA 5505 NAT routing issue

I have   three ASA appliances, 2 x ASA5505 and 1 x ASA5510 all devices are connected via a hub and spoke vpn with the ASA5510 placed  in the middle. I can connect using the ipsec client to any of the three devices however after connecting to either of the ASA 5505 units cannot use any service on the local lan:
Site A Sotland:  ASA 5505
192.168.113.0/24
Site B England ASA 5510
            192.168.16.0/24
Site C Wales ASA 5505
            192.168.110.0/24

Connect to site B ip address issued 192.168.16.200 can connect to and service at site A B or C
Connect to site A ip address issued 192.168.110.200 can connect to any service at site B & C site A packets dropped with message Teardown UDP connection from outside (ip) to inside (ip)
Connect to site C ip address issued 192.168.113.200 can connect to any service at site A & B site C packets dropped with message Teardown UDP connection from outside (ip) to inside (ip)
Avatar of Rick Hobbs
Rick Hobbs
Flag of United States of America image

Please upload a copy of your sanitized config file.
Avatar of MISLtd

ASKER

See the attached file.
ASA5505-Config.txt
ASKER CERTIFIED SOLUTION
Avatar of anoopkmr
anoopkmr
Flag of United States of America image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer