Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Site to site VPN, can ping router but not clients

I have set up a site to site between an ASA5505 (corporate) and an 871w router (remote).  The tunnel is up, and I can ping anything on the corporate network from the remote network.  However, when going from corporate to remote, I am only able to ping the router, but no clients that are connected to it.  The IP for the router is on the same subnet as the rest of the clients (192.168.1.0/24).  I've watched the logs on the ASA5505 and it seems to be passing the traffic just fine, so the problem seems to sit on the 871.  To reinforce this, I can actually initiate the tunnel from the corporate network using a ping to one of these clients (even though the ping fails :\  )

I'll be happy to provide any additional information needed.  Thanks.

Everyone's tags (4)
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Site to site VPN, can ping router but not clients

Hey Marshall.

Can you confirm that there are no firewalls on the clients that might be blocking pings? From the problem description you've provided it appears as though as long as the clients initiate the ping, it's successful, but the revers is not true. This seems to indicate something on the clients maybe blocking  the traffic. Also since you say you are able to ping the router whose ip address is in the same subnet as the clients it further reinforces my belief that the issue might be with the clients.

Regards,

Atri.

2 REPLIES
Cisco Employee

Re: Site to site VPN, can ping router but not clients

Hey Marshall.

Can you confirm that there are no firewalls on the clients that might be blocking pings? From the problem description you've provided it appears as though as long as the clients initiate the ping, it's successful, but the revers is not true. This seems to indicate something on the clients maybe blocking  the traffic. Also since you say you are able to ping the router whose ip address is in the same subnet as the clients it further reinforces my belief that the issue might be with the clients.

Regards,

Atri.

Community Member

Re: Site to site VPN, can ping router but not clients

As you were probably typing this reply, I was turning off the firewall on one of the clients in my remote site...it worked.  I've been combing configs since early this morning trying to figure out where the problem was, only to find out it was an elementary issue

Thanks for your quick (and correct) response.

1271
Views
0
Helpful
2
Replies
CreatePlease to create content