Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Not able to connect ASA Itself through remote ipsec vpn

Hi ,

 

I have configured the Remote IPsec vpn on my firewall asa 5510. i have configured the standard acl for accessing the internet network. i am able to connect the vpn, able to access the lan devices as well but when i tried to connect to the firewall itself on public IP its not working.

any suggestions Please.

 

 

 

5 REPLIES
Hall of Fame Super Silver

We could answer your question

We could answer your question better if we knew more about how you have configured your ASA and how you are attempting to access it. In particular it would help if we knew what is the addressing in your VPN address pool, how you are attempting to access the ASA (is it telnet, SSH, ASDM), and what addresses and source interfaces you have specified as able to access the ASA.

 

HTH

 

Rick

New Member

 Hi ,I have configured one

 

Hi ,

Running IOS:Cisco Adaptive Security Appliance Software Version 8.2(5)

In the normal operation i am able to ssh the inside interface through lan. and also earlier through vpn i was able to access the firewall on outside interface.

 

I have configured one subnet 10.101.101.0 255.255.255.224 for vpn, and trying to do ssh .also earlier it was working fine... but now its not working. ssh is enabled on outside interface for this subnet.

ip local pool pool**** 10.101.101.1-10.101.101.30 mask 255.255.255.224

tunnel-group noc-****** general-attributes
 address-pool pool*****
 default-group-policy ra-*******

group-policy ra-***** attributes
 wins-server none
 dns-server value ************
 vpn-simultaneous-logins 10
 vpn-tunnel-protocol IPSec
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value ra-********
 default-domain value vertex.co.in

ssh 10.101.101.0 255.255.255.224 outside

access-list ra-******* standard permit host *******************  -------Even added acl for public ip of asa
access-list ra-******* standard permit host ******************
 

*************

Note: When am trying to ssh the firewall outside interface IP, getting log that ACL denied

the Logs which is generated is not from the IP which i got through vpn , its from my public IP of Data card.

 

 

 

 

 

 

 

 

 

 

Hall of Fame Super Silver

From the symptoms that you

From the symptoms that you describe I am guessing that the issue has to do with the configuration for split tunneling for AnyConnect. Were any changes made in that part of the config of the ASA? Can you provide the details of how split tunneling is currently configured?

 

HTH

 

Rick

New Member

Thanks for the support..

Thanks for the support..

 

Issue got resolve. now am able to connect it automatically....

Hall of Fame Super Silver

It is good to know that the

It is good to know that the issue is resolved. Can you share with us what the problem was and what you did to resolve it?

 

HTH

 

Rick

53
Views
0
Helpful
5
Replies
CreatePlease login to create content