09-10-2007 12:04 AM
We're (us & our consultants)able to see others end of the tunnel but they (consultants) are not able to reach the hosts they're after. What could have gone wrong as it use to work before. We've never done any changes to the firewall settings? What kind of a problem is this and how do I resolve it if it's firewall related? Note that the hosts the clients are trying to reach up and PINGable.
09-10-2007 02:55 AM
Please help. My query is posted above. The VPN tunnel is up. I can see my peer. But the hit counts to my internal hosts are on 0. My consultants can't access these hosts. Where do you think the problem will be? Is it on the firewall, routing or the hosts themselves? Please help!
09-10-2007 05:59 AM
It's hard to diagnose without some configs, but I DO NOT recommend posting your configs here.
My suggestion is to turn on logging on the client and your firewall (PIX, ASA or ?). You might get a clue if the firewall is dropping packets. Otherwise, I would suspect a routing problem.
Here are my questions:
Are you using split-tunneling? Do the hosts have a route back to the VPN users? Are there some ACLs on the inside interface of the firewall? Do you see the client traffic on the next hop router after the firewall?
Ron
09-10-2007 06:28 AM
You can post your configs, just remove passwords, public ip's etc.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide