Site-to-site pfs1.2.3 <-> ASA5510 only one-way traffic



  • Hello,

    I've managed to get a site-to-site tunnel to work with my ASA5510. Works like a charm, fast & stable.
    However, I can connect to devices in my remote site, but I want services to access devices at my local site.

    Any help in the right direction?

    Regards,

    Gerwin



  • First guess, you don't have any IPsec rules so you're blocking everything inbound.



  • @cmb:

    First guess, you don't have any IPsec rules so you're blocking everything inbound.

    Uhm.. something like blocking IPSec to allow traffic to the outbound ip?

    This might do the trick?

    sysopt connection permit-ipsec
    


  • No, under Firewall > Rules, IPsec tab.

