cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
452
Views
0
Helpful
4
Replies

ASA 5510 Remote Access temporary failure

sznemeth26
Level 1
Level 1

Hi,

I have one client who have an ASA 5510 device for Remote Access and siteto-site vpn. Site-to-Site VPN work properly, but i have problems with Remote Access sessions. The device configured by the previous system administrator and to tell you honestly this i the first time i get to know an ASA from the inside.

Sthe problem is that while Site-to-Site VPN connections work properly, Remote Access connections works only temporary. Remote clients could connect to ASA, they get IP from DHCP. They could ping each other, also they could ping the servers on the other end of the site-to-site VPN, but could ping nothing from the intranet.

The interesting thing is that after i reboot the ASA they could connect again then after a lil while they cannot access anything in the intrane again the i should reboot ASA again.

Any suggestion where could i search for solution. I just hate to reboot the ASA 2-3 times a day ...

Thanks for all the help you could give to me! :)

4 Replies 4

acomiskey
Level 10
Level 10

Could you post a clean config please?

Do you mean a show running-config result? Sure i attach to my post. If you don't mind i put '*' to the domain name and where the name of the company was.

Thanks for helping me! :)

The first thing I notice is that your vpnpool should never be the same subnet as your inside network. I would start by changing the vpnpool to something other than 10.10.11.0. If you do this you will also have to change the rest of the config that references the vpn pool subnet of 10.10.11.0.

I know the vpn pool cant be the same for sure! But this is the configuration what the previous system administrator made ... also i am not that expert in configuring Cisco devices so if you dont mind i just want it to work properly now and after they wont allways lost the connection with the intranet i will change it. :)

Do you see anything in the config what could made the error i described first?

The weird thing is that sometimes it could work properly for months ... but these days i have to restart ASA 1-2 times a day! This thing is really annoying ... btw my clue was that the problem relates to one ACL or firewall rule.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: