I have a VPN client that connects at one site but not the other. Heres the scenario.
We have 5 static IPs from ISP provider which is sent to cable modem. IPs assigned as follows.
Cable Modem - 4 ports (pass all, 5 static IPs)
Network A outside (port1) - x.x.x.1
Network B outside (port2)- x.x.x.2
Network C ASA outside (port3)- x.x.x.3
So my PC is on network A. Network C/ASA device is pingable from network A and B and network C is also pingable from Modem. VPN client will connect through network A to Network C and tracert reveals the correct routing. However when I install VPN client on home computer-Network D it will not connect. Network C is not pingable from my home either while the other 2 networks are pingable from my home. So I am a bit confused because VPN client will connect to ASA device from one different network but not the other and the client input matches exactly at both places. Cable modem passes everything. ACL has incoming any-any on outside for ICMP. Attached is my config.
First of all, you have made the common mistake about IP addresing. 192.168.0.x is the default IP address of most off the shelve modems and routers. Addressing schemes like 192.168.0.x, 192.168.1.x, 172.16.0.x, 172.16.1.x, 10.0.0.x will cause problems when the issue is VPN, site-to-site or Remote Access. Your home router might also be in 192.168.0.x subnet now and this will cause troubles similar to one you encounter now.
Plus, I dont see an ACL allowing PINGs, so do the following modification in config.
"So my PC is on network A. Network C/ASA device is pingable from network A and B and network C is also pingable from Modem. VPN client will connect through network A to Network C and tracert reveals the correct routing"
What I understand from above is, you connected via VPN client, and PING was all good correct? From where did you connect?
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...