<div>
I cannot guess which of obscured addressed is amazon...
</div>


I cannot guess which of obscured addressed is amazon...

<div>
There are two tunnels, 44.219. &nbsp;Both are Amazon. &nbsp;Amazon allows redundant tunnels. &nbsp;Both are setup the same way.
</div>


There are two tunnels, 44.219.  Both are Amazon.  Amazon allows redundant tunnels.  Both are setup the same way.

<div>
Again, the ASA doesn't try to build the tunnels at all, even when traffic is sent to the 192.168.200.0 subnet.
</div>


Again, the ASA doesn't try to build the tunnels at all, even when traffic is sent to the 192.168.200.0 subnet.

<div>
<div class="content wysiwyg-content">
Hello,<br />
<br />
I'm trying to establish a VPN tunnel to Amazon Web Services. &nbsp;I have the VPC setup on the AWS side and configured properly. &nbsp;Because Amazon advertises a 0.0.0.0/0 route when they initiate the connection, the tunnel on the ASA has to be set to originate-only in the crypto map. &nbsp;I've made this work fine on 9.0 ASA's, but in this 8.2 ASA the tunnel won't try to initiate even when I try to send traffic across it (in this case to the 192.168.200.0 subnet on the Amazon side). &nbsp;I've attached the sanitized ASA config. &nbsp;Can someone give me a clue why the tunnel won't try to initiate?<br />
<br />
Thanks,<br />
Toni<br />
<a href="https://filedb.experts-exchange.com/incoming/2015/02_w07/898064/ASA5505-Config.txt" target="_blank" class="file-inline" title="ASA Config (7 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>ASA5505-Config.txt</a>
</div>
</div>


ASA5505-Config.txt

Hello,

I'm trying to establish a VPN tunnel to Amazon Web Services.  I have the VPC setup on the AWS side and configured properly.  Because Amazon advertises a 0.0.0.0/0 route when they initiate the connection, the tunnel on the ASA has to be set to originate-only in the crypto map.  I've made this work fine on 9.0 ASA's, but in this 8.2 ASA the tunnel won't try to initiate even when I try to send traffic across it (in this case to the 192.168.200.0 subnet on the Amazon side).  I've attached the sanitized ASA config.  Can someone give me a clue why the tunnel won't try to initiate?

Thanks,
Toni

ASA 5505 (8.2) VPN Tunnel To Amazon VPC

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).

Cisco

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.

Hardware Firewalls

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.