Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

vpn3015 convertion to asa

Folks:

i am replacing our venerable vpn 3015 with an asa5510. i seem to have basic vpn connectivity (vpn client v4.7) but im used to connecting to the private net side to administer the devices. as of now, if i attempt a telnet or asdm connection to the private interface, i get no reponse. is this by design? is there a way around this? (vpn tunnel was configured using asdm wizard) the one thing i THINK im missing is the vpn30xx series had a tunnel default gateway. there doesnt seem to be a replacement in asdm. i had thought to use "route inside 0 0 192.168.x.1 tunneled" to replace this but maybe there is more im missing?

3 REPLIES
New Member

Re: vpn3015 convertion to asa

its worse than i thought.

no traffic is flowing at all.

New Member

Re: vpn3015 convertion to asa

ok, fixed my flow problem (note to self; DON'T delete the nat exempt statement just 'cause you dont understand it) now im back to my original problem, i cant telnet to the inside interface from the tunnel.

another thought based on how i messed myself up to start with: when my 3002's get connected, are there address spaces going to need to be exempted from nat also? ( i currently have a nat 0 0 interface)

New Member

Re: vpn3015 convertion to asa

Have you tried the management-access command? It will allow you to connect to the inside interface once you are connected with th VPN client. You have to specify an interface such as inside. You will also need to setup the telnet command to allow the ip range to get to the ASA.

107
Views
0
Helpful
3
Replies