ASA 5505 VPN over cellular modem doesn't work

Unanswered Question

I just posted a question yesterday that was answered quickly. Thanks.


I have the VPN up and running now except for one problem. Users trying to connect over cellular modems (Dell Mobile Wireless on AT&T) get connected but then cannot get anywhere, either external or internal.


I have verified this with myself and another user. If I use the cellular card I get connected then I can't access anything (no ping, no http, no telnet). If I disconnect and connect either over a wired or wi-fi lan connection it works...I can access internal services on the remote lan.


Another thing is I can access a VPN 3005 Concentrator over the cellular modem and it works fine.


This situation seems pretty strange. Can anyone help or shed some light?


config posted.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
nomair_83 Sun, 06/22/2008 - 22:21
User Badges:
  • Bronze, 100 points or more

As per your last post u still cant access the internal lan..


"here's what I have now. I can still connect via the cisco client, I just can't do anything after it authenticates and connects. "


So now problem is only with cell right..wi-fi or lan works fine...?


I'll suggest you to try split tunnel ACL(same like nonat with different name) and call that acl in group-policy with tunnelspecified,see if it works or not...


Regards,






Farrukh Haroon Sun, 06/22/2008 - 22:28
User Badges:
  • Red, 2250 points or more

Did you really put this command as stated in your last post? I don't see it in your oonfig. Please try to put it now:


crypto isakmp nat-traversal 10


Regards


Farrukh

I added crypto isakmp nat-traversal 10 to the config. Still doesn't work. I'm leaning more towards this being an issue with the drivers from Dell as I have been able to connect and have the VPN function as it should from a wired or wi-fi connection.


The only thing that goes against that is I can connect to 2 different 3005 concentrators over the cellular modem and it works fine.


I notice when I connect to the ASA if I do an IPCONFIG/ALL I have default gateways on both the cellular (PPP) connection and the Virtual adapter connection. Shouldn't I only have one gateway which would be the one associated with the Cisco Virtual Adapter (the gateway is my ip address, as it should be).

Actions

This Discussion