• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 627
  • Last Modified:

VPN: ASA to SonicWall

Hey EE,

Having an issue with pinging internal LAN machines behind a Sonicwall firewall from a server behind the ASA.   I have a site to site Cisco ASA 5505 to a Sonicwall at the other end.   VPN is up and passing traffic, but on the server I can not ping the internal behind the Sonicwall.  I can ping the Sonicwall Gateway 192.168.1.1, but after that nothing on LAN side behind Sonicwall is pinging.  

ASA side:
Can ping Sonicwall gateway 192.168.1.1
But can not ping anything behind the Sonicwall.  

Any clue?
0
ilivegolive
Asked:
ilivegolive
  • 4
  • 2
1 Solution
 
ilivegoliveAuthor Commented:
Inside the Sonicwall firewall I see VPN to LAN, and LAN to VPN access allowed.  The ASA is receiving and transmitting and on the firewall, VPN is active.
0
 
convergintCommented:
So clients from the Sonicwall side can ping the server and other clients on the ASA side?
0
 
ilivegoliveAuthor Commented:
Hey convergint, - forgot to mention that.  No client behind the Sonicwall can ping the server behind the ASA.  But.....the Sonicwall can ping the server.   So from the Sonicwall GUI interface tool, the server is pingable, but the LAN PCs are not able to.  The LAN PCs are plugged into a switch.  They get internet access just cant ping the server or the subnet the server lives on.
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
convergintCommented:
It sounds like the NAT routing is not setup properly on the ASA.  The Sonicwalls will automatically add a route to the VPN connections but the ASA's do not.
0
 
ilivegoliveAuthor Commented:
Hey convergint -

The current ACL is

access-list CUSTOMER extended permit ip 10.15.213.87 255.255.255.224 192.168.1.0 255.255.255.0

Traffic is being received and sent.  I was figuring it could be something up with the Sonicwall as the ASA can ping the Sonicwall and the Sonicwall can ping the ASA.

10.15.213.87 is where the server lives behind the ASA.  192.168.1.0 the LAN behind the Sonciwall with .1 being the gateway.
0
 
ilivegoliveAuthor Commented:
This has been resolved.  Rebuilt the tunnel on the ASA.  Traffic is passing through to the LAN behind the Sonicwall now.  Not sure to sure what happened.  Before I rebuilt the tunnel, i saw traffic passing just fine.  But the interesting part is, the traffic that was passing was very small.  But after I rebuilt the tunnel, the traffic received and sent was very large.  Thanks convergint, i feel it could have been something goofed with the Access List / NAT
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now