Hi all,

I am trying to have a site-to-site VPN across ASA with static NAT. I am sending the interesting traffic from inside to outside and have not configured any inbound access-list on the outside interface to allow the ESP packet.

Instead, I have configured the following command in the global policy map under inspection_default:

    inspect ipsec-pass-thru

I see a connection entry in the "conn table":

    ciscoasa# sh conn
    1 in use, 15 most used
    ESP outside 10.30.20.40 inside 10.20.30.40, idle 0:00:01, bytes 124

But the return traffic is being dropped by the ASA's outside interface. Any thoughts?

With regards,
Kings
