VPN Remote Access

Unanswered Question
Mar 19th, 2009

I have a remote device, and I need to tunnel into my network and access local resources.

I have setup a Tunnel Group in my ASA5510.

I can connect and authenticate, but cannot seem to ping internal devices on the network.

The IP pool for the tunnel assigns the following range: 172.16.100.1 - 172.16.100.254.

My client received the 172.16.100.1 address on the virtual VPN adapter.

I cannot get out to the internet, nor can I ping devices inside my network.

The internal network is 10.4.4.x

My IP addressing is as follows:

PPP adapter NationalAccess - BroadbandAccess:

Connection-specific DNS Suffix . :

IP Address. . . . . . . . . . . . : 75.193.71.148

Subnet Mask . . . . . . . . . . . : 255.255.255.255

Default Gateway . . . . . . . . . :

Ethernet adapter VPN#1:

Connection-specific DNS Suffix . :

IP Address. . . . . . . . . . . . : 172.16.100.1

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 172.16.100.1

The only thing I can ping is the ASA device itself. No local addresses and no global addresses.

The tunneled taffic is coming in on the outside firewall interface, so do I need to add an ACE to allow it inside?

I am not sure how VPN routing occurs.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
oneirishpollack Thu, 03/19/2009 - 12:15

I used split tunneling and it changed my IP addressing to the following:

Connection-specific DNS Suffix . :

IP Address. . . . . . . . . . . . : 75.193.71.148

Subnet Mask . . . . . . . . . . . : 255.255.255.255

Default Gateway . . . . . . . . . : 75.193.71.148

Ethernet adapter VPN#1:

Connection-specific DNS Suffix . :

IP Address. . . . . . . . . . . . : 172.16.100.1

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . :

So I am now able to access the Internet, just not devices in my network.

Actions

This Discussion