11-18-2010 01:55 PM - edited 02-21-2020 04:58 PM
Hello,
We have a ASA 5510 (ASA version 8.0) Remote access VPN configured and working for the most part but we have an issue when we have more than one client connecting from a same remote office. When the first VPN client is connected from the remote office, everything works fine but when the second client connects to the VPN, it connects fine but not getting any traffice back to the client. I can see under Monitor -> VPN Statistics-> Sessions -> Remote Access -> Bytes Rx is 0. Both connections are coming from the same public IP address of that remote office. I changed some of the settings on NAT-T and a few other things but no success.
Could someone please help me how to fix this problem?
Thank you very much.
Solved! Go to Solution.
11-18-2010 02:32 PM
Make sure the clients are using it because most likely the're not. (default is NAT-T).
Federico.
11-18-2010 02:18 PM
Hi,
This seems like the ASA knows it has a tunnel already established to the public IP of the remote site... and when another connection comes... the ASA won't send traffic via this other tunnel.
Can you try using IPsec-over-TCP?
http://www.cisco.com/en/US/docs/security/asa/asa83/configuration/guide/ike.html#wp1059912
Federico.
11-18-2010 02:30 PM
Thank you for your reply. Yes, what you described is what is happening to our connetions. I think all the traffic is only forwarding to the first connection that was made. IPsec over TCP with TCP port 10000 is already enabled but we are still having the same problem. Only one client can send and receive traffic and other clients don't receive any traffic from VPN. I can take a look at our clients setting as well and make sure that they are using IPsec over TCP option.
Thank you for your input.
11-18-2010 02:32 PM
Make sure the clients are using it because most likely the're not. (default is NAT-T).
Federico.
11-19-2010 08:37 AM
It worked!!!! Thank you for your help Federico.
11-19-2010 08:44 AM
Glad I could help :-)
Federico.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: