question regarding creating a site-to-site VPN between an ASA 5505and a VPN 3030

Discussion in 'Cisco' started by Mike Rahl, Nov 28, 2007.

  1. Mike Rahl

    Mike Rahl Guest

    HI, all

    I've been hitting a weird problem when attemping to create a site to
    site VPN connection between an ASA 5505 and a VPN 3030. For some
    reason, the IPSEC tunnel gets created, and I can see packets
    encrypting, but I never get packets back, and thus no packets get
    decrypted.

    The firewall config is very basic. There is no split tunnelling, and
    the access-lists are set up so that any traffic going from the local
    subnet (say 192.168.1.0) to the remote subnet (say 192.168.10.0) will
    trigger the tunnel to form. The firewall is connected to an ADSL line,
    and the Internet connection seems to come up no problem

    On the VPN 3030 side, we have a static route to the subnet for the asa
    5505 with the public interface being used as the next hop. The VPN
    3030 listens to RIP routes from the rest of the network, but does not
    send routes. All other routers behind the 3030 have a static route for
    the subnet on the ASA 5505.

    Can anyone tell me what are the major steps required to make a site to
    site connection work in this scenario? I've tried using Cisco's
    manuals, and they should work, but it doesn't.

    Thanks!
     
    Mike Rahl, Nov 28, 2007
    #1
    1. Advertising

  2. Mike Rahl

    CK Guest

    Re: question regarding creating a site-to-site VPN between an ASA5505 and a VPN 3030

    As per the issue..

    I understood below scenerio:

    ASA 5505 <------VPN-TUNNEL------> VPN 3030

    Is ASA NAT the inetrnal ips when it hits VPN 3030?
    R u able to see logs/hits on VPN 3030?
    Can u post the logs if u find any..
     
    CK, Nov 29, 2007
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Joe Shmoe

    VPN Client 4.0.3(f) to VPN 3030

    Joe Shmoe, Apr 14, 2004, in forum: Cisco
    Replies:
    15
    Views:
    13,110
    News Account
    Apr 16, 2004
  2. Replies:
    0
    Views:
    880
  3. SteveB
    Replies:
    0
    Views:
    3,326
    SteveB
    Mar 26, 2009
  4. chunalt787
    Replies:
    1
    Views:
    2,474
    Justin G. Mitchell
    Jul 21, 2009
  5. ozoubi
    Replies:
    0
    Views:
    908
    ozoubi
    Sep 23, 2010
Loading...

Share This Page