Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Remote Access VPN connects, but no data passes through Cisco ASA

Status
Not open for further replies.

fieryhail

IS-IT--Management
Mar 12, 2010
92
I've setup an IPSec Remote Access VPN using the wizard in ASDM on ASA 5510. I created a new pool (10.10.225.0/24) and when client connects (either iPhone, Windows, OS X), authentication goes correctly and client is authenticated and assigned a proper IP address from the newly created pool. Once connected however, client can not ping any inside resources, nor be pinged on it's VPN IP address from an inside resource either.



When I go to the monitor area of ASDM, it shows the RAS client connected, but no packets tx/rx. I've tried setting a route (0.0.0.0 0.0.0.0 10.10.200.4) but that still makes no difference. I've done this several times before with different firewalls (ASA/PIX) and never had an issue. Probably missing something very stupid. Any config snippets I can supply that will make this easier to troubleshoot I'll be happy to supply. Any insight to this is extremely appreciated.



Thanks in advance.
 
on the remote device that has connected:
if windows: route print and see what their gateway is.

on the ASA :

clearly connection policy is OK since they login and get IP address.
group policy is where I would start - and their access-lists.

also is the ASA only Router/FW between the client and resource? if not then do the other devices have the routes back to the ASA for the new subnet?

We must go always forward, not backward
always up, not down and always twirling twirling towards infinity.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top