AnyConnect client traffic does not reach remote sites connected via site-to-site VPN
Hi everyone, I have a 5550 ASA running version 8.2(1) which is being used to tunnel between sites and also serves as a remote access server. AnyConnect TCP/UDP client traffic that is tunneled to other sites via site-to-site VPN fails.
I get these in the logs (either RST or SYN/ACK):
6 Nov 24 2010 12:06:48 106015 10.13.2.1 80 10.6.1.102 15996 Deny TCP (no connection) from 10.13.2.1/80 to 10.6.1.102/15996 flags RST ACK on interface outside
ICMP traffic is OK, as I can ping units in remote sites.
10.13.0.0/16 is the remote site and 10.6.1.0/24 is the VPN client subnet.
10.6.1.254 is another router connected to the same segment.
Internet is being routed to another ASA on the same segment.
I have run out of ideas. Can anyone shed some light?