Ive got a new 620 local connected to a 3200 master across the Internet via the default IPSEC map. Te local is able to receive updates from the master no problem. The problem is the locall cannot connect to the master via GUI or ping a subnet on the master. However, the master is able to ping the local.
The main issue is that when I'm not onsite with local, I cannot SSH or hit local's GUI. So even though I've got an IPSEC SA, I'm not able to route from local to master. I have a static route like this....
ip route 192.168.210.0 /24 IPSec <map name>
Ive had a case opened with Aruba & they haven't found a solution. I also have a second local at a different site that is working fine & is identical except for one thing. Te one I'm having problems with has a dynamic public IP. The crypto statement on the master uses "0.0.0.0" for the source. The crypto for the working local has a static IP.
I appreciate the help in advance. Oh & all running 6.1.3 AOS.
#3200