Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Allowing vpn passthrough on a ASA 5510

Ok, here's my situation, mind you i'm extremely new to Cisco router/firewalls. I have a internal device that generates a vpn tunnel to a remote location. However I have a ASA 5510 as my firewall. How do I configure the ASA 5510 to allow the VPN traffic through the firewall. I have opened up the UDP, ESP, GRE ports and am allowing pinging. However I am unable to establish a connection to my remote location. I am also unable to ping to any outside location. I have checked the internal and extrenal devices and they are configured appropriately. So my issue has to be with the firewall.

If I have posted this in the wrong location please let me know the appropriate spot.

1 REPLY
New Member

Re: Allowing vpn passthrough on a ASA 5510

Hello,

i didn't tried to build an vpn through the device, my vpn's are ending at the device. Try to check the logs of the ASA, to see if anything is dropped by acls.

Ping is a bit special. I had to allow the following icmp-types on input access-list on the external Interface:

Echo-reply (this is needed for Ping-Replys)

also you should allow the following types:

redirect

time-exceeded

traceroute

unreachable

861
Views
0
Helpful
1
Replies
CreatePlease to create content