rubbaninja
MIS
I'm running ASA 8.0(3)6 routed, single context.
We are running ipsec vpn on both the external interface and the internal interface.
We are connecting with ezvpn clients (871 cisco routers).
The client IP addressing is configured on the client.
Management is now having us use the connections from the internal network to the inside interface of our ASA.
In order for the client to TX traffic I have to add
static (inside,inside) 192.168.102.0 192.168.102.0 netmask 255.255.255.0
and also, of course, enable the interface for IPSEC access.
and
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
crypto isakmp nat-traversal 10
When this static is in place we are unable to manage the device or the users workstation when they take home their 871 after training and connect to the external interface of the ASA. (But while they are connected to the inside peer we can connect to the device)
I get No Valid Adjacency. After looking the error up I added in a route.
route inside 192.168.102.0 255.255.255.0 insideipaddress 255
It appeared to do the trick because the packet tracer reports that can connect but when attempting to connect I am now getting SYN Timeouts.
Any ideas?
We are running ipsec vpn on both the external interface and the internal interface.
We are connecting with ezvpn clients (871 cisco routers).
The client IP addressing is configured on the client.
Management is now having us use the connections from the internal network to the inside interface of our ASA.
In order for the client to TX traffic I have to add
static (inside,inside) 192.168.102.0 192.168.102.0 netmask 255.255.255.0
and also, of course, enable the interface for IPSEC access.
and
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
crypto isakmp nat-traversal 10
When this static is in place we are unable to manage the device or the users workstation when they take home their 871 after training and connect to the external interface of the ASA. (But while they are connected to the inside peer we can connect to the device)
I get No Valid Adjacency. After looking the error up I added in a route.
route inside 192.168.102.0 255.255.255.0 insideipaddress 255
It appeared to do the trick because the packet tracer reports that can connect but when attempting to connect I am now getting SYN Timeouts.
Any ideas?
