Asa VPN Ipsec Problem Windows Client

ddugailliez · ‎01-14-2008

Hi,

I use ASA 5505 with the last version ASA 8.0.3 and ASDM 6.0.3. ( see config in attachment )

The vpn works with a Cisco Client but not with the Windows connection ( i use a pre-share key )

When I connect with the cisco client, I would like to define a default route to go to internet : how can i add the route in the config ?

thank you

jbayuka · ‎01-23-2008

Refer to Problem - Remote Access and EZVPN Users Connect to VPN and Have No Other Access to Resources section of the document Most Common L2L and Remote Access IPSec VPN Troubleshooting Solutions for more information

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807e0aca.shtml#topic-ra

ajagadee · ‎01-23-2008

There are couple of ways to send traffic from the VPN Client to internet when they are VPNed into the ASA.

1. Split Tunneling - In this case, you specify what networks that VPN Client should for the VPN Connection and all other traffic will follow the default route on the Host.

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080702999.shtml

2. Intra-interface - Tunnel all traffic to the ASA from the VPN Client and then configure permit intra-interface and include the pool of ip addresses assigned to the VPN Clients to your NAT statement on the ASA. So, your ASA will route the traffic to the internet and back to the client.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00805734ae.shtml

Regards,

Arul

** Please rate if it helps **