I need help...and Thank you in advance!!
I am setting up a MX-105 but temporarily the MX is required to sit behind an ASA 5508 until I get all the VPN tunnels currently routing to a MikroTik moved to the MX to Non-Meraki VPN. This is due to only having 1 Public IP and management not allowing the small fee to purchase an additional IP from our ISP. Just working with what I have...
I am struggling to get the MX-105 to either route through the ASA or I can't get the MX Non-Meraki VPN settings correct. The tunnel will be terminating on a Sierra Wireless RV50x modem. I also have a few Mikrotik routers that I have that to swap the tunnels as well.
I am not getting any failures on the Meraki Event log. On the RV50x log only shows:
Mar 20 21:39:56 err ALEOS_VPN_SwanMgr: establishing CHILD_SA 'tunnel2' failed
Mar 20 21:39:56 info ALEOS_VPN_SwanMgr: tunnel2 will be restarted
I've tried with no Local ID or Remote ID, tried with one or the other. I feel that the issue is within the ASA but I am a noob when it comes to ASA's. I've just never had to deal with them before. They were configured and managed by someone else. I am very well versed on Meraki SD-WAN and RV50's.
What I have so far is: (All IP's are changed for obvious reasons)
MX internal IP: 172.1.1.2
MX public IP: 180.95.150.130
MX vlan/subnet: 10.20.30.0/24
ASA MX interface: 172.1.1.1
ASA public IP: 180.95.150.130
RV50 internal IP: 172.2.2.2
RV50 public IP: 60.225.50.45