
Client VPN connected but not working

Hi Guys,

I have a PIX 515 firewall which has remote access VPN which worked fine. We then created a site-to-site tunnel to an ASA 5520 which is working fine. Remote access Client VPNs are working fine when connected to the PIX on Windows XP but I can't get Windows 7 computers to work. It says connected but I cannot reach any devices behind the PIX. I am running version 5 VPN client on Windows 7. I was told to turn off IPv6 on Windows 7. I did that in the registry but it did not work. Any ideas? Any help will be greatly appreciated.

Thanks,

Lake


Marius,

After I made the above changes to the PIX, the Windows 7 64 bit machine can ping one server in the network by IP address only but cannot ping any other devices. That server happens to be the domain controller and also DNS server. My colleague did ipconfig /all and he gets a DNS server IP address in the vpn-pool. This is very strange. Any ideas?

Thanks,

Lake

It could be that the other servers have the Windows firewall enabled? If so then that will be blocking the ICMP packets. Check that out and get back to me.

--

Please remember to select a correct answer and rate helpful posts


Marius,

The firewall is turned off on all servers. With Windows 32 bit clients I can ping all servers. It is only with 64 bit clients we have this issue.

Thanks,

Lake

I presume that the servers have an IP in the 192.168.2.0 subnet?

There are a couple of things you can do to troubleshoot here.

First, while the remote host is connected to the VPN, do a packet tracer from a server IP that is not working to the RA VPN client IP.

packet-tracer input inside tcp <server IP> 12345 <RA VPN client IP> 80 detail

Second, you can do a packet capture on the inside interface to see if traffic is leaving and entering the interface from the RA VPN client...or vice versa.

access-list CAP permit ip host <RA VPN client IP> host <server IP>

access-list CAP permit ip host <server IP> host <RA VPN client IP>

capture CAPIN interface inside access-list CAP

show capture CAPIN

If you see traffic from the RA VPN client leaving the ASA inside interface but return traffic not entering the ASA, then there is a problem between the ASA and the server...or on the server itself. If you see traffic leaving and return traffic entering the ASA, then there is a problem on the ASA.

--

Please remember to select a correct answer and rate helpful posts
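
The capture check described in the reply above, as an added example that is not part of the original thread: it counts packets in each direction in the text of `show capture CAPIN` and applies the reply's rule for locating the fault. The line layout is the assumed ASA text format, the sample captures are constructed (using the client and server addresses given later in the thread), and the function names are hypothetical.

```python
import re

# Assumed line layout of ASA "show capture" text output, e.g.
#    1: 10:12:01.123456 192.168.7.11 > 192.168.2.3: icmp: echo request
# TCP/UDP lines carry the port as a fifth dotted field (192.168.7.11.51234).
LINE = re.compile(
    r"^\s*\d+:\s+\S+\s+"
    r"(?P<src>\d+\.\d+\.\d+\.\d+)(?:\.\d+)?\s+>\s+"
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)(?:\.\d+)?:"
)

def count_directions(capture_text, client_ip, server_ip):
    """Return (client->server, server->client) packet counts."""
    to_server = to_client = 0
    for line in capture_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # summary lines such as "2 packets captured"
        pair = (m.group("src"), m.group("dst"))
        if pair == (client_ip, server_ip):
            to_server += 1
        elif pair == (server_ip, client_ip):
            to_client += 1
    return to_server, to_client

def locate_fault(capture_text, client_ip, server_ip):
    """Apply the rule from the reply to an inside-interface capture."""
    to_server, to_client = count_directions(capture_text, client_ip, server_ip)
    if to_server and not to_client:
        return "between firewall and server, or on the server"
    if to_server and to_client:
        return "on the firewall"
    return "inconclusive"  # no client traffic seen; the reply does not cover this

# Constructed sample captures (not real output from the thread's devices).
ONE_WAY = """2 packets captured
   1: 10:12:01.123456 192.168.7.11 > 192.168.2.3: icmp: echo request
   2: 10:12:02.125001 192.168.7.11 > 192.168.2.3: icmp: echo request
"""
TWO_WAY = """2 packets captured
   1: 10:12:01.123456 192.168.7.11.51234 > 192.168.2.3.80: S 1:1(0) win 8192
   2: 10:12:01.124210 192.168.2.3.80 > 192.168.7.11.51234: S 9:9(0) ack 2 win 8192
"""

if __name__ == "__main__":
    for name, text in (("one-way", ONE_WAY), ("two-way", TWO_WAY)):
        print(name, "->", locate_fault(text, "192.168.7.11", "192.168.2.3"))
```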


Thank you Sir. I will try that and let you know.

Marius,

Those commands did not work on the PIX. I think they might be ASA commands. I had the user connect with the VPN client and did a continuous ping to 192.168.2.3. I logged into 192.168.2.3 and did a Wireshark capture and I looked for the RA VPN client IP address of 192.168.7.11. There was nothing in Wireshark. The traffic is not even getting to the server (192.168.2.3). Is there a debug I can try that might help?

Thanks,

Lake

 

The debugs will only show the tunnel establishment and not any traffic information.

Are the servers using the PIX as their default gateway?

I am at a loss as to why the 64 bit machines are not working but the 32 bit machines are working. This might be a bug.

--

Please remember to select a correct answer and rate helpful posts


I believe the servers are using a Cisco switch as the gateway. I will double check that. 64 bit machines were working fine until we set up the site-to-site VPN.

But the 32 bit machines work fine when connecting over the RA VPN?

If that is the case I would have to assume that this is a bug.

--

Please remember to select a correct answer and rate helpful posts


I need to get this working but I don't know what to do.

As I said, this could very well be a bug but we are unable to confirm this as the PIX is now end of life / end of support.

I suggest trying a newer VPN client (5.0.7.0440)

http://software.cisco.com/download/release.html?mdfid=281940730&flowid=4466&softwareid=282364316&os=Windows&release=5.0.07.0440&relind=AVAILABLE&rellifecycle=&reltype=latest

If that doesn't work perhaps go to an earlier version of the VPN client such as 4.x

--

Please remember to select a correct answer and rate helpful posts


Marius,

 

We installed the VPN client 5.0.7.0440 without success. We will try an older version and see.

 

Thanks,

Lake