Dear Group,It is working with the same config. I used a wrong peer address.Regards,Tanuj Original message From:Tanuj Mathur< ciscoie_at_in.com >Date: 01 July 09 20:19:39Subject:Site to site VPN tunnel with NATTo: "ccielab" Dear Group,I am trying to establish a Site to Site VPN tunnel between Cisco ASA and VPN concentrator. I am doing a NAT on Cisco ASA to translate the local lan address to a single /32 IP address.The source address used as interesting traffic for the VPN is this /32 address. There is a no nat statement for traffic from translated address to the destination subnet.Network Behind ASA : 192.168.10.0 /24accesslist VPN1 line 1 extended permit ip any 10.240.20.0 255.255.255.0nat (Inside) 2 accesslist VPN1global (Outside) 2 194.63.35.2accesslist Outside1cryptomap line 1 extended permit ip host 194.63.35.2 10.240.20.0 255.255.255.0accesslist Insidenat0outbound line 1 extended permit ip host 194.63.35.2 10.240.20.0 255.255.255.0 nat (Inside) 0 accesslist Insidenat0outbo
undThe tunnel is not coming up. Where did I go wrong?Any help will be highly appreciated.Regards,TanujDear ccielab ! Get Yourself a cool, short @in.com Email ID now! Blogs and organic groups at http://www.ccie.net Subscription information may be found at:http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Wed Jul 01 2009 - 20:51:24 ART
This archive was generated by hypermail 2.2.0 : Sat Aug 01 2009 - 13:10:21 ART