Cisco Support Community
Community Member

Cannot Access Inside from VPN Client

Hi all

I am sorry that i make u feel bore of same question.

I went through all the posts regarding this and am not able to troubleshoot the issue .

I am able to Connect to my ASA and establish a tunnel

I am able to ping my ASA inside

I am able to run Telnet and ASDM over the VPN client to my ASA

But I am not able to ping any host inside the network

I am attaching Running config and sh crypto ipsec sa

please do the favor

Cisco Employee

Re: Cannot Access Inside from VPN Client


Looks like a routing issue.

If you VPN Tunnel is up and you are able to ping the inside IP Address of the ASA, that basically means your configuration on the ASA for the IPSEC Part is good :-)

Does your internal network know that they need to route the packets for the VPN Pool of IP Addresses "ip local pool vpnpool mask" back to the ASA. I guess this is where things are not working as expected.

One thing I noticed is, you have a pool of ip addresses that is part of your internal network. Typically, this is not recommended because of routing issues.

So, you have two options:

1. Configure your internal routing to forward the packets destined for the Pool of IP Addresses back to the ASA.


2. Reconfigure the Pool of IP Addresses to a totally different subnet (Ex. then configure your internal routing to forward packets destined to the pool back to the ASA.

I hope it helps.



** Please rate all helpful posts **

Community Member

Re: Cannot Access Inside from VPN Client

Hi arul

I went through ur post and did following changes

ip pool - -

and i have a default route in my Core Switch to ASA 5520

ip route

we use EIGRP as our Internal Routing Protocol and I created a VLAN with /24 address Scope and created a SVI interface with as the address of interface and added it to the Routing Protocol


vlan 225

interface vlan 225

ip address

no shutdown

router eigrp 100

redistribute static



ip route

I am able to Ping from firewall and what to do next

The Same problem Continues even After the Changes

CreatePlease to create content