Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ASA 5510 IPSEC VPN connection problem

Hello,

We have a ASA 5510 (ASA version 8.0) Remote access VPN configured and working for the most part but we have an issue when we have more than one client connecting from a same remote office.  When the first VPN client is connected from the remote office, everything works fine but when the second client connects to the VPN, it connects fine but not getting any traffice back to the client.  I can see under Monitor -> VPN Statistics-> Sessions -> Remote Access -> Bytes Rx is 0. Both connections are coming from the same public IP address of that remote office.  I changed some of the settings on NAT-T and a few other things but no success.

Could someone please help me how to fix this problem?

Thank you very much.

Everyone's tags (5)
1 ACCEPTED SOLUTION

Accepted Solutions

Re: ASA 5510 IPSEC VPN connection problem

Make sure the clients are using it because most likely the're not. (default is NAT-T).

Federico.

5 REPLIES

Re: ASA 5510 IPSEC VPN connection problem

Hi,

This seems like the ASA knows it has a tunnel already established to the public IP of the remote site... and when another connection comes... the ASA won't send traffic via this other tunnel.

Can you try using IPsec-over-TCP?

http://www.cisco.com/en/US/docs/security/asa/asa83/configuration/guide/ike.html#wp1059912

Federico.

New Member

Re: ASA 5510 IPSEC VPN connection problem

Thank you for your reply.  Yes, what you described is what is happening to our connetions.  I think all the traffic is only forwarding to the first connection that was made.  IPsec over TCP with TCP port 10000 is already enabled but we are still having the same problem.  Only one client can send and receive traffic and other clients don't receive any traffic from VPN.  I can take a look at our clients setting as well and make sure that they are using IPsec over TCP option.

Thank you for your input.

Re: ASA 5510 IPSEC VPN connection problem

Make sure the clients are using it because most likely the're not. (default is NAT-T).

Federico.

New Member

Re: ASA 5510 IPSEC VPN connection problem

It worked!!!! Thank you for your help Federico.

Re: ASA 5510 IPSEC VPN connection problem

Glad I could help :-)

Federico.

1645
Views
0
Helpful
5
Replies
CreatePlease to create content