Remote vpn clients cannot access internal gateway

Unanswered Question
Jun 8th, 2009
User Badges:

We have an ASA 5510 which has remote VPN clients, tunneling over IPSEC/L2TP using the cisco client, unable to access a remote network. Crude diagram attached, sorry I don't have visio :(


What's happening is that the RA clients have their 192.168.1.x address that they get from their local wireless router at home, then the ASA Cisco vpn connection gives them an IP of 10.1.210.x, which they can access the entire corporate network fine...


The problem is that they cannot access the router for our remote network hosing our ERP system, which has a router gateway address of 10.1.200.247. Clients in the corporate office can access the router fine as we use static routes on machines we want to have access this erp system...


Persistent Routes:

Network Address Netmask Gateway Address Metric

66.248.225.128 255.255.255.192 10.1.200.247 1

66.248.227.0 255.255.255.128 10.1.200.247 1

The Remote access clients can't use this static route because they have a 192.168.x.x address... So I tried editing the policy of the VPN connection and added the network to the split tunnel networks, but they still cannot access the router...


Now it could be that the router to the ERP system only allows traffic from the 10.1.200.x network and not the 10.1.210.x network, but I'm not sure if the ASA is forwarding the traffic to the router as a 10.1.200.x address or a .210.x address...


should I focus on the remote router configuration? Or am I missing something? Thanks for any help!



Attachment: 
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion