Remote Access VPN is not working on ASA

Unanswered Question
Jul 25th, 2009
User Badges:

hi all,

remote access VPN is not working on ASA 5505 when I configured the outside interface of ASA as PPPoE.

It works well when I configured the Outside Interface with static IP with the same LAN range of D-Link ADSL router.I port forwarded UDP port 4500,500 & TCP 1723 from the D-Link router to the outside interface of ASA.


I think my asa is not forwarding the IPSEC ports.


How can I configure my ASA to allow these ports.I tried to configure to allow these ports, but fails as my ASA is acting as VPN Headend device & PPPOE router


Expecting your valuable reply





  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Ivan Martinon Tue, 07/28/2009 - 13:06
User Badges:
  • Cisco Employee,

What exactly is the problem when using the PPPoE modem? client does not connect? it connects but does not pass traffic?


First, ASA does not need to forward any ports if it is a VPN Server, on another hand, if the ASA is a VPN Pass-Through then you would need to forward ports.


The Cisco VPN Connection uses UDP 500, ESP protocol (portless) and in case of NAT-T it uses UDP 4500.


If your ASA is the vpn server, then I would advise you to run some debugs on the asa to check whether the client is getting all the way to it.

pranavam_dileep Fri, 07/31/2009 - 00:13
User Badges:

hi imartino,

thanks for your reply, its the mistake from my configuration side.


one more thing I have to clarify is the site-site vpn configuration in ASA, but the problem is that both the site is having Dynamic public Ip.When I entered the hostname eg:a.selfip.com it is not taking.it is only accepting the IP address only.I configured site-site vpn using ASDM.I checked in the NetPro forum, but iam not getting any satisfactory explanation.


Please help on this issue also


regards

dileep


Actions

This Discussion