Wednesday, May 30, 2018

VPN routes not showing up in ASA

I have a weird issue I don't understand, and I really want to. Familiar with IPSec, just not on ASAs.

I have 3 sites. Two satellite offices, and a colo. This colo has tunnels to all the branch offices, and the branch offices have an independent tunnel to each other as well.

I received a notice that satellite office 1 and 2 could not reach each other for some reason. I thought it was a tunnel dropping and I think I am right. But when checking the routing table on the ASA, I do not see any routes for the tunneled subnets, only the locally connected subnets, and the outside public set which is set as the last resort.

While it's working now, why am I not seeing any of the far subnets that are reachable in the table? If I look at the table logically, it seems they get sent out through the ISP and are magically routed even though they are private addresses.

I can submit an anonymous example if needed.


