Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Managing remote access VPNs CSM 3.1 and ASA


I have a distributed environment consisting of CSM 3.1 managing several ASA (5520 and 5510). I have remote access policies configured and each firewall is configured to issue an IP out of a different IP pool.

There is a different rule for each firewall to allow access to specific resources. My problem is that the RA connections seem to work occasionally.

Any thoughts?

Any assistance is greatly appreciated.


Re: Managing remote access VPNs CSM 3.1 and ASA

Make sure that the policies are the same on the both ASA's and the clients. You can turn on debugging to check the error messages when the clients try to connect and the connections drops.

Cisco Employee

Re: Managing remote access VPNs CSM 3.1 and ASA

Typically CSM (for management) is an all or nothing deal - either your configuration will work or it won't.

That being said, the previous poster is correct. The client will typically tell you why it is disconnecting or can't connect.

Go into the client and do the following:

Log --> Enable

Log --> Log Settings : set everything to '3'

Log --> Log Window

This will bring the log window up. Then try connecting and when you have a failure, look in the log around that time and see what the issue is.

CreatePlease to create content