Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

EZvpn 851 to ASA 5510 Version 8.0

OK, I am stumped. I created the VPN connection, have it auto xauth, VPN comes up, but I cant route. What do I need to do the get routing established?

The networks I need to reach are 10.14.0.0/24, .1.0, .2.0, and .3.0 /24 which are behind the ASA, the remotes will be 10.14.5.0, 16, 32, and 48 /28.

I followed http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080809222.shtml

and get NEM_Remote_Subnets=10.14.5.0/255.255.255.240 10.14 on the 851, but cant ping across from a machine behind the 851 to a server behind the ASA.

1 REPLY
New Member

Re: EZvpn 851 to ASA 5510 Version 8.0

I found the problem, the document I linked to has an error.

access-list Split_Tunnel_List standard permit 192.168.10.0 255.255.255.0

This is supposed to push what traffic to encrypt to the client, but it is the clients network that is listed. Once I discovered that I had the wrong network being sent to the client, the split tunnel started working. The correct ACL should be

access-list Split_Tunnel_List standard permit 10.10.10.0 255.255.255.0 which is the network of the ASA.

Once I got split tunneling working, it was a matter of getting the no nat working since there are more than 3 remote 800 routers using Ezvpn to connect to this ASA along with Cisco VPN clients.

182
Views
0
Helpful
1
Replies