dap, traffic from lan to vpnclient

Unanswered Question
Sep 22nd, 2010
User Badges:

Hi all,

I am configuring an ASA5510 8.2(1)11 to use dap to permit remote access using ipsec vpn client.

Everything is ok except when I try to connect from the LAN to the client.

I receive a message of Authorization denied for user 'unknown' because of the DAP applied to the vpn connection.

How can I permit connection?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Rahul Govindan Wed, 09/22/2010 - 11:10
User Badges:
  • Silver, 250 points or more

Hi,


what is the DAP policy that you are currently using. please post the output of debug dap menu 2 . Also wat does the debug dap trace show you. That should show which dap policy is being hit during login.

gdspa Fri, 09/24/2010 - 00:44
User Badges:

This is the log I have:

6    Sep 24 2010    09:39:32    109025    Server    1648    10.26.0.2    9595    Authorization denied (acl=DAP-ip-user-0076860E) for user '' from Server/1648 to 10.26.0.2/9595 on interface inside using TCP


where 10.26.0.2 is the ip address of the vpnclient.


In the dap I added an acl that permits traffic from the Server to the vpnclient network, and from dap trace I see that this acl is applied to the connection.


What do you mean with debug dap menu 2 ?

Actions

This Discussion

Related Content