cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
563
Views
0
Helpful
5
Replies

ASA 5505 VPN over cellular modem doesn't work

twebb
Level 1
Level 1

I just posted a question yesterday that was answered quickly. Thanks.

I have the VPN up and running now except for one problem. Users trying to connect over cellular modems (Dell Mobile Wireless on AT&T) get connected but then cannot get anywhere, either external or internal.

I have verified this with myself and another user. If I use the cellular card I get connected then I can't access anything (no ping, no http, no telnet). If I disconnect and connect either over a wired or wi-fi lan connection it works...I can access internal services on the remote lan.

Another thing is I can access a VPN 3005 Concentrator over the cellular modem and it works fine.

This situation seems pretty strange. Can anyone help or shed some light?

config posted.

5 Replies 5

nomair_83
Level 3
Level 3

As per your last post u still cant access the internal lan..

"here's what I have now. I can still connect via the cisco client, I just can't do anything after it authenticates and connects. "

So now problem is only with cell right..wi-fi or lan works fine...?

I'll suggest you to try split tunnel ACL(same like nonat with different name) and call that acl in group-policy with tunnelspecified,see if it works or not...

Regards,

Farrukh Haroon
VIP Alumni
VIP Alumni

Did you really put this command as stated in your last post? I don't see it in your oonfig. Please try to put it now:

crypto isakmp nat-traversal 10

Regards

Farrukh

I added crypto isakmp nat-traversal 10 to the config. Still doesn't work. I'm leaning more towards this being an issue with the drivers from Dell as I have been able to connect and have the VPN function as it should from a wired or wi-fi connection.

The only thing that goes against that is I can connect to 2 different 3005 concentrators over the cellular modem and it works fine.

I notice when I connect to the ASA if I do an IPCONFIG/ALL I have default gateways on both the cellular (PPP) connection and the Virtual adapter connection. Shouldn't I only have one gateway which would be the one associated with the Cisco Virtual Adapter (the gateway is my ip address, as it should be).

The current default gateway is displayed separate at the end of the route print.

Regards

Farrukh

ok, looks like that is correct.

Default Gateway: 192.168.96.8

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: