Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
423
Views
0
Helpful
6
Replies

Unable to get to server.

Go to solution
mx
Level 1
Level 1

‎04-20-2009 09:47 AM - edited ‎03-11-2019 08:20 AM

Hi everyone. Im stumped on an ASA config. When I vpn in I cant get to a specific server and its driving me nuts.

when I vpn in I get a 172.16.1.x address. Server Im trying to get to is 10.94.8.211 to port 80.

I think the app needs to get to it by its domain name which isnt helping me i.e. http://testserver/url.

However when I vpn in I cant even ping it or http to the address. From inside the LAn, no problem. And of course from the asa CLI I can ping the server fine.

I tried a bunch of things but nothing worked for me.. Im attaching the config. Thanks for any help you might have.

Bob

Labels:
Preview file
14 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
acomiskey
Level 10
Level 10
In response to mx

‎04-20-2009 11:38 AM

If you have an internal dns server which can resolve it to it's internal address then add...

dhcpd dns x.x.x.x

View solution in original post

0 Helpful
6 Replies 6

Go to solution
andrew.prince
Level 10
Level 10

‎04-20-2009 10:06 AM

Bob,

Does the server know how to reach 172.16.1.0/24 address?? If not but the server has a default layer 3 gateway - does the layer 3 gateway know the 172.16.1.0/24 subnet is via the ASA inside IP address?

0 Helpful

Go to solution
mx
Level 1
Level 1
In response to andrew.prince

‎04-20-2009 10:07 AM

Andrew, thank you for the reply. Let me verify...

0 Helpful

Go to solution
acomiskey
Level 10
Level 10

‎04-20-2009 10:07 AM

Add...

isakmp nat-traversal

0 Helpful

Go to solution
mx
Level 1
Level 1
In response to acomiskey

‎04-20-2009 10:24 AM

This command helped, it allows me to now ping it by address but not name. It seems like I still need to resolve the server by name.

I assume I can add dhcpd wins x.x.x.x ?

0 Helpful

Go to solution
acomiskey
Level 10
Level 10
In response to mx

‎04-20-2009 11:38 AM

If you have an internal dns server which can resolve it to it's internal address then add...

dhcpd dns x.x.x.x

0 Helpful

Go to solution
mx
Level 1
Level 1
In response to acomiskey

‎04-20-2009 12:42 PM

Thank you acomiskey, that worked as hoped!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card