HI, all
I've been hitting a weird problem when attemping to create a site to site VPN connection between an ASA 5505 and a VPN 3030. For some reason, the IPSEC tunnel gets created, and I can see packets encrypting, but I never get packets back, and thus no packets get decrypted.
The firewall config is very basic. There is no split tunnelling, and the access-lists are set up so that any traffic going from the local subnet (say 192.168.1.0) to the remote subnet (say 192.168.10.0) will trigger the tunnel to form. The firewall is connected to an ADSL line, and the Internet connection seems to come up no problem
On the VPN 3030 side, we have a static route to the subnet for the asa
5505 with the public interface being used as the next hop. The VPN 3030 listens to RIP routes from the rest of the network, but does not send routes. All other routers behind the 3030 have a static route for the subnet on the ASA 5505.Can anyone tell me what are the major steps required to make a site to site connection work in this scenario? I've tried using Cisco's manuals, and they should work, but it doesn't.
Thanks!