Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Client VPN connects to main site but cannot access "remote" WAN sites?

For reference, I have a Microsoft VPN that allows me to connect to our main office and all remote WAN sites. 

However, when I use the Cisco Client VPN to my newly installed ASA, I can access the main office and all local resources, but when I try to ping or access remote WAN resources, I get nothing?  I've tried split tunneling (on and off), but neither allow me to get to my remote WAN sites.  This is not the typical NAT position issue.  I can access all servers at the main office fine, I just cannot access my remote sites across the WAN.  Any ideas?                  

2 REPLIES

Client VPN connects to main site but cannot access "remote" WAN

Hello,

If necessary NAT config existing , then it may be related to routing from WAN locations. Make sure all WAN locations have route to remote subnet and ASA can reach all WAN locations as well.

hth

MS

VIP Purple

Client VPN connects to main site but cannot access "remote" WAN

you need:

1) Hairpinning enabled: same-security-traffic permit intra-interface

2) Crypto-ACL for S2S needs to include the VPN-Pool for traffic from the clients to the remote-site

3) NAT-Exemption (if nat is used on the outside interface) must include this traffic as well

4) If using Split-tunnel, the remote-site-network needs to be included also

580
Views
0
Helpful
2
Replies
CreatePlease to create content