08-13-2012 09:25 AM - edited 03-11-2019 04:41 PM
I configured a new Asa 5505 with Ios 8.44-1-k8.bin and when I installed the Asa the client's after about 1 hour were unable to ping
or map drives to the Asa. I got the following error, %ASA-2-106007: Deny inbound UDP from XXXX to XXXX due to DNS Query. I added the command same-security-traffic permit intra-interface they were then able to ping the server
and connect to the Internet, but still unable to map drives
I could see the connections from the Pc's to the server in a show conn with was tcp port 445 with Saa
I reverted back to Ios 8.25 and everything works.
Here is the configuration
08-13-2012 11:33 AM
Hello,
Can you try the following and let me know the result:
no nat (inside,any) source static internal_net internal_net destination static external_net external_net
nat (inside,outside) source static internal_net internal_net destination static external_net external_net
access-list Split_VPN standard permit 172.30.240.0 255.255.255.0
group-policy RemoteVPN attributes
split-tunnel-policy tunnelspecified
split-tunnel-network-list value Split_VPN
Then disconnect from the VPN client and try to reconnect
Also are you sure the DNS server is 172.30.240.41?
Regards,
08-14-2012 07:33 AM
I cannot try anything right now. The client is up and running on the 8.25 level with no problems.
The dns server is the correct ip.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide