Easy VPN issue

Unanswered Question
Jun 24th, 2008

Hi,

I'm facing an issue while doing easy VPN with network extension mode.

I have a setup

192.100.100.0/24 ---inside (ASA5510 Central ) outside 80.2XX.1XX.1XX --------dynamic ADSL router 192.168.16.1-----192.168.16.21 outside (ASA5505 remote) inside 192.168.1.0/24

I configured the easy VPN with network extension between the central and remote sites I can see that the VPN is up but I'm unable to ping the LAN IPs from the server and remote client attacing the configs also.Split tunnel is also configured.

I cannot reach to the server LAN(192.100.100.0/24) from the remote(192.168.1.0/24) and Vice versa

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
nomair_83 Mon, 06/30/2008 - 00:08

hi,

your ACL should be like this..

access-list no-nat extended permit ip 192.168.1.0 255.255.255.0 192.100.100.0 255.255.255.0.

and type "no vpnclient enable" on server and also verfiy that sysopt connection permit-ipsec.

just remove nat-traversal from default crypto policy and retype it in isakmp policy 10.

Let see it works

kaachary Mon, 06/30/2008 - 09:14

Can you post the output of :

sh cry ipsec sa

sh vpnclient

from the EZvPN client.

Actions

This Discussion