cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
551
Views
0
Helpful
6
Replies

ASA 5550 VPN connectivity error

figment
Level 1
Level 1

I've searched the forums but didn't find any of the solutions helped. I've got remote access VPN setup. I can connect to the ASA but can NOT ping or pass traffic to any hosts. I'm running 7.2(2).18 firmware. I tried using the VPN wizard as well as the docs to manually create it and have had the same result.

I've wiped the ASA and started over thinking it was something in my config but no help either. I'm at my wits end and I haven't even started on the site to site!

I have a 5510 that the VPN wizard works fine on. I connect and pass traffic right away.

One interesting thing is I get a error on the VPN client with the addroute failed 87. I've tried different versions of the client and tried the 5.0 client with a fresh PC and got the same result.

Please help! I've attached my config.

6 Replies 6

acomiskey
Level 10
Level 10

add...

crypto isakmp nat-traversal

Just added that. Tried again and still no luck.

I forgot to add I've tried connecting from a NAT'd PC and from a WWAN device that had a public IP.

Whats the OS on the client?

Do you have any other vpn client installed on this machine?

OS on the multiple clients I've tried on has been XP SP2. I tried on one client that had never had any vpn client installed, I installed ver 5 on this new client and still had the same problem.

No othe VPN clients are installed. The only thing was both clients had Vmware insatlled.

The odd thing is when I connect to the 5510 with the same client I get no errors and connectivity is good.

ggilbert
Cisco Employee
Cisco Employee

Reading through your description it seems like you are running into a bug which is not fixed.

CSCsb05686

the problem happens when you have more than 1 ip address attached to the interface. Since you mentioned that you have VM ware, I am guessing that might be the problem.

Would it be possible to disable the interface of the VM ware adapter and try the client.

Let me know how it goes.

Rate this post, if it solves the issue.

Cheers

Gilbert

I tried disabling both VMware adapters and tried again with no luck.

The normal LAN adapter only has one IP on it assigned from DHCP.

I'm going to install the 5.0 vpn client on a PC that does not have vmware and try it as well.

Any other ideas? Would it help to take the 5550 down to the same firmware as the 5510? The 5510 has 7.0.6 code on it.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: