cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
426
Views
0
Helpful
1
Replies

ASA 5510 - Problems Accessing Hosts Over VPN Troubleshooting Help

mario11584
Beginner
Beginner

I have an unusual problem. I've been attempting to fix this issue or confirm the issue is not with the firewall and I have kind of run into a road block. This is my problem as I understand it. A client of mine has a VPN tunnel built over a point to point connection of some kind (this client is fairly new to me) and is unable to access some hosts on the remote end of the VPN tunnel from the LAN side of the firewall. The LAN IPs are NAT'd as they leave the network from the HPH-Point-to-Point interface to the remote end. Just as a point of reference, the LAN IP of 129.200.11.19 is said to be working, however the range of 129.200.20.25 - .50 is not. I've tried packet-tracer but with the NAT happening over a VPN tunnel I am not sure if I am doing it correctly.

Any ideas on how to troubleshoot this would be greatly greatly appreciated. I've attached a running-config of the firewall.

1 Reply 1

Julio Carvajal
Advisor
Advisor

Hello David,

here is what I have taken from your config and what I need you to answer me:

1) This is for a L2L tunnel right?

2) crypto map HPH_VPN 10 set peer hong-kong-IP : This is the VPN we are troubleshooting right?

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: