Cisco ASA 5505 remote VPN issue

Discussion in 'Cisco' started by feyo, Oct 15, 2010.

  1. feyo

    feyo

    Joined:
    Oct 15, 2010
    Messages:
    1
    I have successfully configured the ASA such that I can connect via remote VPN. However, once I am connected, I have no access to any of the machines on the local network. Cannot even ping the ASA. I suspect it has to do with a route I have to add for the remote IP address pool, or some such thing. Hoping someone much more versed in such things can hold my hand before I pull my hair out. Thanks for any help. Below is the running config, minus identifying info:

    ASA Version 7.2(4)

    !
    interface Vlan1
    nameif inside
    security-level 100
    ip address 192.168.1.1 255.255.255.0
    !
    interface Vlan2
    nameif outside
    security-level 0
    ip address 70.x.x.x 255.x.x.x
    !
    interface Vlan3
    shutdown
    no forward interface Vlan1
    nameif dmz
    security-level 50
    no ip address
    !
    interface Ethernet0/0
    switchport access vlan 2
    !
    interface Ethernet0/1
    !
    interface Ethernet0/2
    !
    interface Ethernet0/3
    !
    interface Ethernet0/4
    !
    interface Ethernet0/5
    !
    interface Ethernet0/6
    !
    interface Ethernet0/7
    !
    ftp mode passive
    dns server-group DefaultDNS
    domain-name default.domain.invalid
    pager lines 24
    logging asdm informational
    mtu outside 1500
    mtu inside 1500
    mtu dmz 1500
    ip local pool RemoteVpnPool 192.168.25.1-192.168.25.30 mask 255.255.255.0
    icmp unreachable rate-limit 1 burst-size 1
    asdm image disk0:/asdm-524.bin
    no asdm history enable
    arp timeout 14400
    global (outside) 1 interface
    nat (inside) 1 0.0.0.0 0.0.0.0
    route outside 0.0.0.0 0.0.0.0 70.x.x.x 1
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    aaa authentication ssh console LOCAL
    http server enable
    http 192.168.1.0 255.255.255.0 inside
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
    crypto dynamic-map outside_dyn_map 20 set pfs group1
    crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA
    crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
    crypto map outside_map interface outside
    crypto isakmp enable outside
    crypto isakmp policy 10
    authentication pre-share
    encryption 3des
    hash sha
    group 2
    lifetime 86400
    crypto isakmp policy 65535
    authentication pre-share
    encryption 3des
    hash sha
    group 2
    lifetime 86400
    dhcpd auto_config outside
    !
    dhcpd address 192.168.1.2-192.168.1.33 inside
    !
    feyo, Oct 15, 2010
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. bjorn@kumlait.se
    Replies:
    1
    Views:
    3,327
    bjorn@kumlait.se
    Jun 17, 2007
  2. dmj792

    Cisco ASA 5505 VPN issue

    dmj792, Aug 15, 2007, in forum: Cisco
    Replies:
    5
    Views:
    13,918
    erhan68
    Jan 14, 2009
  3. lesniak81
    Replies:
    0
    Views:
    2,171
    lesniak81
    Jan 13, 2009
  4. around1234

    Cisco ASA 5505 PAT / VPN issue

    around1234, Jun 6, 2009, in forum: Cisco
    Replies:
    0
    Views:
    582
    around1234
    Jun 6, 2009
  5. Dogg Child

    Re: ASA 5505 behind ASA 5505

    Dogg Child, Jun 7, 2010, in forum: Cisco
    Replies:
    0
    Views:
    608
    Dogg Child
    Jun 7, 2010
Loading...

Share This Page