Jump to content


Photo

NG Firewall to CIsco ASA IPSEC Tunnel


  • Please log in to reply
4 replies to this topic

#1 Ed Reiss

Ed Reiss
  • Members
  • 23 posts

Posted 05 August 2011 - 12:22 PM

Hello all.

I am trying to get the NG firewall to build a tunnel to a Cisco ASA 5505 firewall. I have the VPN policy set up on both ends, and I believe I have the no-nat policies set on each side. But the tunnel never comes up. In fact, I see the ESP packets leaving the NG firewall but I do not see them at the ASA 5505.

I looked through the documentation but I still cannot get the tunnel up. So, if someone could help me either by pointing out where the information is or by giving me some instructions I would appreciate it.

Ed

#2 Sivakumar Arumughan

Sivakumar Arumughan
  • Barracuda Team Members
  • 1 posts

Posted 05 August 2011 - 12:28 PM

Please create a pass rule to allow LAN traffic between two sites.

eg: Site 1 LAN is 10.10.100.0/24
Site 2 LAN is 192.168.1.0/24

The action PASS,
TWO WAY rule (Check the box)
Source 10.10.100.0/24
Service ALL
Destination 192.168.1.0/24
Connection method NO SOURCE NAT

-Siva

#3 Ed Reiss

Ed Reiss
  • Members
  • 23 posts

Posted 05 August 2011 - 01:14 PM

Siva,

Thanks. I get the following error though:

AID Tunnel Name Peer Local Count Last Info Param Internal
1 IPSEC Home-172.xx.xx.xx-192.168.200.0 0.0.0.0 0.0.0.0 70 2 s No Transport Match Found 192.168.200.2 -> 172.xx.xx.xx

It looks like "Transport" is set to ESP When I view the Site to Site VPN. Where do I set the transport?

#4 Ed Reiss

Ed Reiss
  • Members
  • 23 posts

Posted 05 August 2011 - 03:40 PM

I fixed it. I had my phase 1 and phase 2 proposals set up wrong on the Barracuda side.

thanks anyway!

#5 Oliver Braekow

Oliver Braekow
  • Moderators
  • 165 posts
  • LocationInnsbruck, Austria

Posted 05 August 2011 - 03:55 PM

Glad you've been helped. I Moved the thread from release announcements to general NG Firewall section. The Release announcements section should stay reserved for reelase announcements by the Barracuda NG Firewall team..