Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Once connected to remote site VPN users can't go anywhere

We have setup a remote site IPSEC vpn on Cisco ASA 5520's. When users connect via AT&T Air-cards, they are able to connect to VPN and get to internal servers and the internet (no split tunneling being used). When users are on local area network at home (behind wireless access points, firewalls) or in the office on LAN they can connect, but can't go anywhere (can't ping any internal server or internet).

We have verified that their is no private addressing conflict.

Does anyone have an idea of what could be causing this?

Thanks in advance,

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Once connected to remote site VPN users can't go anywhere

Try enabling NAT-T on asa, have them try after you enable it.

PIX/ASA 7.1 and earlier

pix(config)#isakmp nat-traversal 20

PIX/ASA 7.2(1) and later

securityappliance(config)#crypto isakmp nat-traversal 20

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807e0aca.shtml#Solution1

Regards

2 REPLIES

Re: Once connected to remote site VPN users can't go anywhere

Try enabling NAT-T on asa, have them try after you enable it.

PIX/ASA 7.1 and earlier

pix(config)#isakmp nat-traversal 20

PIX/ASA 7.2(1) and later

securityappliance(config)#crypto isakmp nat-traversal 20

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807e0aca.shtml#Solution1

Regards

Community Member

Re: Once connected to remote site VPN users can't go anywhere

Thanks Jorge. That resolved my issue.

389
Views
0
Helpful
2
Replies
CreatePlease to create content