I have one ASA which is for client VPN connections and site-to-site VPNs.
I changed its IP address, and now I'm not able to connect to it.
Here is the detail:
vlan522 <=> SW1 <=> g0/48(10.40.251.2) <=> e0/1 (10.40.251.1) <=> FW1-ASA 5510
FW1-ASA 5510 has further site-to-site VPNs and also client VPN for users to connect from outside, which authenticate from an LDAP server on INSIDE, and DHCP is also on INSIDE.
* Now the problem is I'm not able to SSH to the ASA (10.40.250.1), but ping is working.
* And client VPN is not working; I'm able to ping the LDAP/DHCP server from the ASA.
Attached are the configurations of the switch and ASA.
If you did not save the configuration changes, just reload the device and you should recover the previous configuration.
The IP address on the ASA configuration points to 10.40.251.1. Did you change this IP address to 10.40.250.1?
The reason that you would not be able to reach 10.40.250.1 would be because network layer 3 devices don't know how to route to the ASA. Log into the console and change it back to what it was.
Why did you change this?
I added another ASA device and have to assign 10.40.250.1 to that device.
So I assigned 10.40.251.1 to this.
Sorry, I did not understand what you are trying to say.
And also the layer 3 device is connected to this ASA via G0/48 and there is a "directly connected" route to 10.40.251.1. So how does it not know the route?
The problem was that somehow the configurations went missing.
I added the following configuration and it is working fine now.
For SSH: ssh 10.40.0.0 255.255.0.0 inside
For VPN, the authentication server configuration was missing. I added the following:
aaa-server vpn_bmeng_aaa (inside) host netservice
I also had to fix the switch to route reverse traffic for VPN-connected hosts to the correct firewall.
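An offline check for the two gaps identified in the resolution above, added here as an example and not posted by anyone in the thread: it scans a saved ASA configuration for a missing `ssh <network> <mask> <interface>` permit and for AAA server groups that a tunnel-group references but that have no `host` entry. The tunnel-group name EXAMPLE_RA, the management address 10.40.10.5, the `protocol ldap` line and all function names are assumptions made for the example.

```python
import ipaddress
import re

# Constructed sample: an ASA config after re-addressing, missing the two
# statements the thread's author had to restore.
BROKEN = """\
interface Ethernet0/1
 nameif inside
 ip address 10.40.251.1 255.255.255.0
aaa-server vpn_bmeng_aaa protocol ldap
tunnel-group EXAMPLE_RA general-attributes
 authentication-server-group vpn_bmeng_aaa
"""

# The same constructed config with the lines quoted in the thread added back.
FIXED = BROKEN + """\
aaa-server vpn_bmeng_aaa (inside) host netservice
ssh 10.40.0.0 255.255.0.0 inside
"""

def ssh_allowed(config, src_ip, interface):
    """True if an 'ssh <net> <mask> <ifname>' line permits src_ip."""
    src = ipaddress.ip_address(src_ip)
    for m in re.finditer(r"^ssh (\d\S+) (\d\S+) (\S+)\s*$", config, re.M):
        net = ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}", strict=False)
        if m.group(3) == interface and src in net:
            return True
    return False

def aaa_groups_without_host(config):
    """AAA groups referenced by a tunnel-group but with no host defined."""
    with_host = set(re.findall(r"^aaa-server (\S+) \(\S+\) host \S+", config, re.M))
    referenced = set()
    for args in re.findall(r"^\s*authentication-server-group (.+)$", config, re.M):
        for tok in args.split():
            # Skip the optional "(ifname)" qualifier and the built-in LOCAL group.
            if not tok.startswith("(") and tok != "LOCAL":
                referenced.add(tok)
    return sorted(referenced - with_host)

def audit(config, mgmt_ip, interface="inside"):
    """Summarise both checks for one management source address."""
    return {"ssh_ok": ssh_allowed(config, mgmt_ip, interface),
            "aaa_missing_host": aaa_groups_without_host(config)}

if __name__ == "__main__":
    for name, cfg in (("broken", BROKEN), ("fixed", FIXED)):
        print(name, audit(cfg, "10.40.10.5"))
```

Running it against a configuration saved before and after a change like this one shows whether management access and VPN authentication statements survived the change.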