Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
241
Views
0
Helpful
1
Replies

ASA VPN Tunnel no Win 2012 R2 to Win 2012 R2 communcation

dbouthillier
Level 1
Level 1

‎08-22-2014 09:50 AM - edited ‎03-11-2019 09:40 PM

A peer created a VPN tunnel between two offices using two 5512, both running 8.6(1)2.  The tunnel works great, for everything except the Windows 2012 R2 servers.  The 2012 R2 servers cannot communicate with 2012 R2 servers across the tunnel, but they can communicate with all the other non-2012 R2 devices. The same 2012 R2 servers can ping and RDP to Win 2008 R2, Win 2003 R2 and other non-Windows devices.

This behavior is happening in both directions.  We can't ping and we can't RDP.  Prior to the tunnel, we had MPLS circuits.  The 2012 R2 boxes could communicate with 2012 R2 across the MPLS circuits.  I attempted some constant pings and RDP sessions across the tunnel, but I did not see anything in the ASDM Syslog messages on either ASA.

Labels:
0 Helpful
1 Reply 1

dbouthillier
Level 1
Level 1

‎08-22-2014 11:10 AM

I solved this by entering "fixup protocol ICMP" on both ASA's.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card