Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
380
Views
0
Helpful
2
Replies

Wacky ASA VPN Access Problem

nomanbari
Level 1
Level 1

‎05-08-2006 03:25 AM - edited ‎02-21-2020 02:24 PM

Hi Folks,

I am currenty facing a situation and I am in real need for advice....

The situation is that though ASA is allowing our remote branches to access the inside network and its allowing inside folks to visit Internet, its not allowing VPN access from remote VPN client....V R using Cisco's VPN client ver. 4.6....

Please see a basic network layout that illustrates our network and the ASA's configuration....

Any advice to resolve this will be greatly appreciated....

Regards,

Noman Bari

Labels:
Preview file
5 KB
Preview file
25 KB
0 Helpful
2 Replies 2

nomanbari
Level 1
Level 1

‎05-08-2006 04:14 AM

hi,

i added sysopt connection permit-ipsec, but still no result...

any help in resolving this will be greatly appreciated....

bye

0 Helpful

nomanbari
Level 1
Level 1
In response to nomanbari

‎05-08-2006 11:10 PM

Hi,

Whats happening is that i have now connected asa's outside interface directly to my test system which i am assuming to be coming from Internet e.g.,1.0.0.1 has been assigned to asa's outsided and 1.0.0.2 to the PC.

Now when there is no vpn config is on asa side and i try to connect then the vpn client obviously gives me an error message that peer isn't available... The thing is once i do the ASA's remote access vpn config via VPN wizard in ASDM, the vpn client gives me the error messages like failed to authenticate peer etc. (U can view them in the attached log file)...VPN Client gives following error notification:-

Initializing the connection...

Contacting the security gateway at 1.0.0.1...

Secure VPN Connection terminated locally by the Client.

Reason 401: An unrecognized error occurred while establishing the VPN connection.

Not connected.

What i m getting confused is that though on ASA's side i m defining encryption perimeters but on vpn client side there is no encryption options available, so that both ASA and vpn client use same authentication and/or encryption methods.

In simple words VPN client is not getting authenticated and I can't seem to identify what I am missing in my configuration.

Your help will be greately appreciated.

Bye

Preview file
5 KB
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents