ASA VPN client problem

Unanswered Question
Aug 25th, 2010

Hi All,

we have setup VPN client, it is working fine but I can't ping some host inside the network. all hosts inside LAN are using the same default gateway, but some of them are not accessible by VPN client. any suggestion would be very appreciated.

thanks

Alex

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Federico Coto F... Wed, 08/25/2010 - 13:37

Hi,

These are the steps that I would follow:

1. Check the VPN tunnel establishes correctly ''sh cry isa sa''

2. Check traffic flows through the tunnel ''sh cry ips sa''

If the tunnel is fine, check you have the following commands:

management-access inside

sysopt connection permit-vpn

crypto isakmp nat-t

If you can access some hosts and some don't, check that the ASA is not doing any VPN filtering.

Federico.

lawchung Wed, 08/25/2010 - 15:56

Check to see if you can ping the host from an internal computer first because it might just have a firewall app block it like Windows firewall.

Actions

This Discussion