Leadtheway

<div>
yes, the tunnel comes up..but still get 100% packet loss
</div>


yes, the tunnel comes up..but still get 100% packet loss

<div>
Do the ASA tunnel stats show any transmitted/received packets? - and does ASA's packet tracer show that your test traffic would be sent over the tunnel?<br />
Is there any device between the ASA and meraki that could be blocking IPSEC tunnels ( only allowing the UDP negotiation )
</div>


Do the ASA tunnel stats show any transmitted/received packets? - and does ASA's packet tracer show that your test traffic would be sent over the tunnel?
Is there any device between the ASA and meraki that could be blocking IPSEC tunnels ( only allowing the UDP negotiation )

<div>
I figured it out, the SA lifetime was mismatched
</div>


I figured it out, the SA lifetime was mismatched

<div>
<div class="content wysiwyg-content">
Having an issue with a meraki and an ASA site to site. &nbsp;When i first built tunnel it showed up, both green on meraki and showing MM_active in the crypto sa on the ASA. &nbsp;But Still can't talk to devices behind the asa. &nbsp;And periodically when I check asa vpn status it shows red, but when i try to ping something behind the asa i get 100% loss but the tunnel will then show green. &nbsp;Not sure if its an issue with meraki and using summarized subnets or something else. &nbsp;Anyone have experience with this?<a href="https://filedb.experts-exchange.com/incoming/2019/08_w34/1429872/Capture2.PNG" target="_blank" title="Capture2.PNG (10 KB)"><img alt="Capture2.PNG" class="file-block lazyload" style="max-width: 800px;" data-src="https://filedb.experts-exchange.com/incoming/2019/08_w34/800_1429872/Capture2.PNG" /></a>
</div>
</div>


Capture2.PNG

Having an issue with a meraki and an ASA site to site.  When i first built tunnel it showed up, both green on meraki and showing MM_active in the crypto sa on the ASA.  But Still can't talk to devices behind the asa.  And periodically when I check asa vpn status it shows red, but when i try to ping something behind the asa i get 100% loss but the tunnel will then show green.  Not sure if its an issue with meraki and using summarized subnets or something else.  Anyone have experience with this?

ASA and Meraki MX site to site

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.

Hardware Firewalls

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).

Cisco

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.