×
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
  • Students Click Here

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

Remote Access VPN connects, but no data passes through Cisco ASA

Remote Access VPN connects, but no data passes through Cisco ASA

Remote Access VPN connects, but no data passes through Cisco ASA

(OP)
I've setup an IPSec Remote Access VPN using the wizard in ASDM on ASA 5510. I created a new pool (10.10.225.0/24) and when client connects (either iPhone, Windows, OS X), authentication goes correctly and client is authenticated and assigned a proper IP address from the newly created pool. Once connected however, client can not ping any inside resources, nor be pinged on it's VPN IP address from an inside resource either.



When I go to the monitor area of ASDM, it shows the RAS client connected, but no packets tx/rx. I've tried setting a route (0.0.0.0 0.0.0.0 10.10.200.4) but that still makes no difference. I've done this several times before with different firewalls (ASA/PIX) and never had an issue. Probably missing something very stupid. Any config snippets I can supply that will make this easier to troubleshoot I'll be happy to supply. Any insight to this is extremely appreciated.



Thanks in advance.

RE: Remote Access VPN connects, but no data passes through Cisco ASA

on the remote device that has connected:
if windows: route print and see what their gateway is.

on the ASA :

clearly connection policy is OK since they login and get IP address.
group policy is where I would start - and their access-lists.

also is the ASA only Router/FW between the client and resource? if not then do the other devices have the routes back to the ASA for the new subnet?

We must go always forward, not backward
always up, not down and always twirling twirling towards infinity.

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close