IPSEC Outbound VPN Established but cannot ping to remote network server.

Jun 9th, 2009

LAN A -- ASA5510 -- Internet -- Firewall -- LAN B


1) The client at LAN A uses the Cisco VPN client to set up a VPN tunnel to LAN B. The VPN is established successfully and the client manages to get an IP address from LAN B, but the client is not able to ping or open a Remote Desktop Connection to the LAN B network server.


LAN A -- xxx -- Internet -- Firewall -- LAN B


2) With the ASA5510 shut down and removed, the client at LAN A is able to establish the VPN tunnel to LAN B. This time, the client is able to ping and open a Remote Desktop Connection to the LAN B server.


LAN A -- ASA5510 -- Internet -- Firewall -- LAN C


3) With the same ASA5510 and no configuration change at all, the client at LAN A uses the Cisco VPN client to set up a tunnel to LAN C. The VPN tunnel is successfully established and the client is able to ping and open a Remote Desktop Connection to LAN C.


In summary, the existing ASA5510 configuration is working fine, with no problem at all for the outbound tunnel to LAN C. It only has a problem with the VPN tunnel to LAN B. The weird thing here is that the VPN tunnel to LAN B is established successfully, but the client is not able to ping or open a Remote Desktop Connection to the LAN B server.


The current ASA5510 is running version 8.2(1).


May I know what's wrong with my firewall and also how to solve this problem?

zong8@yahoo.com Tue, 06/09/2009 - 05:38

Hi Sam,

Can you check the nat(0) statement on FirewallB and see that the access-list includes the subnets of the near end and far end? Also add this command on FirewallB, "crypto isakmp nat-traversal 20", and see if the problem goes away.


Thanks

Abdul

sam-lee Tue, 06/09/2009 - 08:48

Hi Abdul,


Thanks for your reply!


I would like to say that I don't have any control over firewall B, so I can't check and add those commands as stated.


As you have seen in my problem description, if I bypass firewall A, I am able to ping the network B server with the VPN tunnel established.


With firewall A in place, my VPN tunnel is up but I cannot ping the network B server.


Instead of checking firewall B, which is out of my control, are there any other things we can check on firewall B?


Thanks

Sam
