Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
508
Views
0
Helpful
1
Replies

ASA 5510 - Problems Accessing Hosts Over VPN Troubleshooting Help

mario11584
Level 1
Level 1

‎11-01-2012 08:59 AM - edited ‎03-11-2019 05:17 PM

I have an unusual problem. I've been attempting to fix this issue or confirm the issue is not with the firewall and I have kind of run into a road block. This is my problem as I understand it. A client of mine has a VPN tunnel built over a point to point connection of some kind (this client is fairly new to me) and is unable to access some hosts on the remote end of the VPN tunnel from the LAN side of the firewall. The LAN IPs are NAT'd as they leave the network from the HPH-Point-to-Point interface to the remote end. Just as a point of reference, the LAN IP of 129.200.11.19 is said to be working, however the range of 129.200.20.25 - .50 is not. I've tried packet-tracer but with the NAT happening over a VPN tunnel I am not sure if I am doing it correctly.

Any ideas on how to troubleshoot this would be greatly greatly appreciated. I've attached a running-config of the firewall.

Labels:
137801-FCP_Firewall.txt.zip
0 Helpful
1 Reply 1

Julio Carvajal
VIP Alumni
VIP Alumni

‎11-01-2012 11:08 AM

Hello David,

here is what I have taken from your config and what I need you to answer me:

1) This is for a L2L tunnel right?

2) crypto map HPH_VPN 10 set peer hong-kong-IP : This is the VPN we are troubleshooting right?

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card