connecting Cisco VPN client v5 to asa 5505

Answered Question

I am having problem configuring remote vpn between ASA5505 and Cisco VPN client v5. I can successfully establish connection between ASA and Vpn client and receive IP address from ASA. VPN client statistics windows shows that packets are send and encrypted but none of the packets is Received/Decrypted.

Can not ping asa 5505

Any ideas on what I have missed?




Attachment: 
Correct Answer by acomiskey about 9 years 7 months ago

Try adding...


crypto isakmp nat-traversal


Also, you will not be able to ping the inside interface of the ASA from the vpn without this commmand...


management-access inside


Please rate helpful posts.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.5 (2 ratings)
Loading.
mfreijser Tue, 09/25/2007 - 00:27
User Badges:
  • Bronze, 100 points or more

Your NAT configuration is incomplete, enter the following commands to your configuration:


-----------------------------------------------

access-list nonat extended permit ip 192.168.1.0 255.255.255.0 192.168.0.0 255.255.255.0


nat (inside) 0 access-list nonat

-----------------------------------------------


This tells the ASA that the traffic destined for the VPN Client should not be NATted and should be sent directly to the client via the VPN Tunnel!


Please rate if the post helps!


Regards,


Michael

Correct Answer
acomiskey Tue, 09/25/2007 - 06:30
User Badges:
  • Green, 3000 points or more

Try adding...


crypto isakmp nat-traversal


Also, you will not be able to ping the inside interface of the ASA from the vpn without this commmand...


management-access inside


Please rate helpful posts.

Actions

This Discussion