VPN client cannot communicate with another VPN client - ASA

Jun 29th, 2010

Any suggestions as to why my VPN client users cannot communicate with other VPN client connected users? In other words, peer-to-peer communication.

Walter Lopez (Cisco Employee) Tue, 06/29/2010 - 20:03

Some suggestions:

1. Be sure you have the command (it will allow you to U-Turn in the ASA):

- same-security-traffic permit intra-interface

2. If using Split-Tunnel, be sure you have the Pool of the VPN Clients in the Split-Tunnel ACL under the group-policy.

3. Check (Disable) any firewall or anti-virus on the computers.

4. Check if the packets are going through the other VPN Client connection you are trying to reach, use the command:

- show crypto ipsec sa

5. Take captures on the ASA to confirm if the firewall is not dropping the ICMP Packets:

-- capture asp type asp-drop all

--> show capture asp | inc
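
An offline check for suggestions 1 and 2, added here as an example and not part of the original reply: it reads a saved running-config and reports whether hairpinning is enabled and whether each split-tunnel ACL covers the VPN client pool. The config text, pool and ACL names are constructed, and the parser assumes standard ACLs with `permit <network> <mask>` entries only.

```python
import ipaddress
import re

# Constructed ASA running-config excerpt; all names and addresses are made up.
BROKEN = """\
ip local pool VPNPOOL 10.10.10.1-10.10.10.50 mask 255.255.255.0
access-list SPLIT standard permit 192.168.1.0 255.255.255.0
group-policy REMOTE attributes
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value SPLIT
"""
# Same config with the changes from suggestions 1 and 2 applied.
FIXED = BROKEN + """\
access-list SPLIT standard permit 10.10.10.0 255.255.255.0
same-security-traffic permit intra-interface
"""

def audit(config):
    """Return a list of findings that would block VPN client-to-client traffic."""
    findings = []
    # Suggestion 1: hairpin (U-turn) traffic must be allowed on the interface.
    if not re.search(r"^same-security-traffic permit intra-interface\s*$", config, re.M):
        findings.append("missing: same-security-traffic permit intra-interface")
    # Client address pools, stored as (first, last) address pairs.
    pools = {
        name: (ipaddress.ip_address(first), ipaddress.ip_address(last))
        for name, first, last in re.findall(
            r"^ip local pool (\S+) ([\d.]+)-([\d.]+)", config, re.M)
    }
    # Standard ACL entries of the form "permit <network> <mask>".
    acls = {}
    for name, net, mask in re.findall(
            r"^access-list (\S+) standard permit ([\d.]+) ([\d.]+)", config, re.M):
        acls.setdefault(name, []).append(
            ipaddress.ip_network(f"{net}/{mask}", strict=False))
    # Suggestion 2: each split-tunnel list in use must cover each pool.
    # Simplification: pools are not mapped to tunnel-groups, so every pool is
    # checked against every referenced list.
    used = set(re.findall(r"^ +split-tunnel-network-list value (\S+)", config, re.M))
    for acl in sorted(used):
        for pool, (first, last) in pools.items():
            if not any(first in n and last in n for n in acls.get(acl, [])):
                findings.append(f"split-tunnel ACL {acl} does not cover pool {pool}")
    return findings

if __name__ == "__main__":
    for label, cfg in (("broken", BROKEN), ("fixed", FIXED)):
        print(label, audit(cfg) or "ok")
```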

