cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
717
Views
4
Helpful
4
Replies

RA and L2L issue on ASA

balsheikh
Level 1
Level 1

Hi,

The scenario as following, I have two ASA5510 running version 8.0(5) and connected over Internet via IPsec dynamic to static L2L (obviously the static one is on HQ), it works perfectly fine with no issue. I have configured remote access VPN to terminate on HQ's ASA and it works fine as well.

now I'm trying to grant access for RA clients to resources reside on the branch (dyanmic ASA) but to no avail.

Any idea !!

Regards,

Belal

4 Replies 4

JORGE RODRIGUEZ
Level 10
Level 10

Belal,  follow this example in thread, also reference the link within..you should get it to work.

https://supportforums.cisco.com/message/889330#889330

Rgds

Jorge Rodriguez

Hi Jorge,

I got it work, thanks for the post. I always did the testing from the VPN client (Remote users) but it didn't work, then I thought to try to ping from the subnet behind the ASA (dynamic L2L Tunnel) and amazingly start working, the issue was the users unable to initiate the session, once the tunnel established from ASA side the remote users granted access for all resources behind ASA.

Many thanks for the support.........

Regards,

Belal, glad you got it working..  and you're very  welcome

Rgds

Jorge Rodriguez

Hi Jorge,

I'm facing difficalty to force the VPN clients to initiate the VPN session, VPN clients can only responding to dynamic ASA.

any idea !!

Rgd,

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: