Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

Cant connect inside with VPN client to ASA 5505

Hello,

I can establish a vpn connection to ASA 5505 but can not reach the inside network at 3 from 4 remote sites. Only on one site the connection ist working properly. On the other 3 sites I am able to connect to other VPN gateways e.g PIX 501

Thanks for help

Michael

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Cant connect inside with VPN client to ASA 5505

Michael I found what is missing after re-checking your config. Add the following

isakmp nat-traversal 20

Regards

9 REPLIES

Re: Cant connect inside with VPN client to ASA 5505

Hi Michael

Please post your config, is this site-to-site or Remote access vpn?

New Member

Re: Cant connect inside with VPN client to ASA 5505

it is remote VPN. here the config is atached.

thank you

Re: Cant connect inside with VPN client to ASA 5505

Config looks OK. The working connection in one site is also a clue for this. Other 3 must be a clientside issue. Either groupname, preshared key or peer ip is wrong. I suggest you to copy the pcf file in site in which connection works then import this pcf file in a site in which connection does not work. You can search for *.pcf in C:\ drive, you will see the pcf of this RemoteAccess VPN

New Member

Re: Cant connect inside with VPN client to ASA 5505

Thank you for responds, I am using the same Clinet !!! (Notebook) at one site it works at the 3 other not. The remote VPN connection is established and I received a valid ip "10.151.53.100" from VPN-IP-pool. I even can see the connection in session monitor in ASDM but no acces to inside LAN

Any other ideas?

Re: Cant connect inside with VPN client to ASA 5505

Aha!

Most probably, the router/modem does not support transparent tunneling or it is not enabled. In VPN client screen, click on the connection, then click modify. In Transport tab, uncheck "Transparent Tunneling"

New Member

Re: Cant connect inside with VPN client to ASA 5505

I tried but it doesn't work. I wrote you I am able to connect to different sites (PIX501) with transparent tunneling checked...

I have only problems connecting to the ASA 5505 with same vpn client

really strange

Re: Cant connect inside with VPN client to ASA 5505

Michael I found what is missing after re-checking your config. Add the following

isakmp nat-traversal 20

Regards

New Member

Re: Cant connect inside with VPN client to ASA 5505

thats it, thanks al lot for your great support.

Best regards

Michael

Re: Cant connect inside with VPN client to ASA 5505

You are welcome Michael, nice to see that your problem is resolved :)

330
Views
0
Helpful
9
Replies
CreatePlease to create content