I have problem when i connect to my VPN 3005 concentrator (central site 192.168.1.0) with SW client and try to ping remote network (192.168.2.0) that is connected using VPN 3002 in network exstension mode. Is there a routing problem? Thanks.
Are you doing split tunnelling? If so make sure the 192.168.2.0 network is included in your split tunnel list to the clients, and that the VPN pool of addresses is included in the list sent to the 3002.
Also if you're doing split tunnelling you'll need to send traffic FROM behind the 3002 to the VPN pool of addresses first, BEFORE you'll be able to connect from the client to behind the 3002, this is because the 3002 won't actually build the SA for this network until it sees traffic for it outbound.
I'm doing split tunneling and I have the networks specified in the "local" profile under network list. Can you describe the second action deeper or is there a configuration example that you can send to me? Thanks for your reply.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...