Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Remote accesss vpn with LDAP and KERBEROS microsoft active directory

Dear All,

I recently configured the remote accss vpn with AD. now the vpn client acquired ip add network is but the server is inside the cyber guard firewall LAN (

The tunnel is established but i can not acc the server or ping it by client

Where the routing has to be done for this to work.

The ASA inside and cyberguard outside is the network the client pool is confiured but the server is inside LAN in one vlan with network.the cyberguard is between LAN and ASA firewall.

cyberguard outside is inside is and the core LAN switch gateway to the outside is

Please could you give me the work around for it.




Re: Remote accesss vpn with LDAP and KERBEROS microsoft active d

Swami, if you can post a diagram Im positive you'll get more responces, Im not sure I understand your topology as you have two firewalls. You indicate you have cyberguard between LAN and ASA, cyberguard firewall outside IP and inside of, and your asa inside is in the same network as your cyber outside interface It seems from your description the cyberguard is your vpn gateway and this is where you RA connection is stablished through cyberguard is this correct?

Lets put RA VPN aside for a minute.

1-From within the cyberguar firewall can you reach or any host under that subnet by pings. If you cannot you will

need a route at cyberguard to get to network.

In the event that this is not the case and that you can ping from cyberguard hosts in the network in your LAN

from cyberguard successfully I would recommend to look into how enabling NAT traversal (aka NAT-T ), I suspect one of these may be your problem.