Hello Alain,

Sorry, I just got this....here is the result:

Gateway of last resort is 75.x.x.x to network 0.0.0.0

C    10.125.1.0 255.255.255.0 is directly connected, inside
C    75.x.x.x 255.255.255.248 is directly connected, outside
S*   0.0.0.0 0.0.0.0 [1/0] via 75.x.x.x, outside

Thank you....I will try to disable RIP while I am waiting to hear back just in case that is the culprit....Thanks

Also, if this helps......I am getting "Deny IP Spoof from 10.125.1.1 to 192.168.1.1 on interface inside" Messages in the ASDM...I think this is a big clue. Thank you

Hi,

this 192.168.1.0 network where is it located? Post a topology if it is beyond a directly connected L3 device   on the inside then you must modify the RIP settings or do just a static route.

For the RIP, try this:

router rip

network 10.0.0.0

no auto-summary

version 2

But before to make sure you have a RIPv2 enabled neighbour just do ping 224.0.0.9 and you'll get the IP from the neighbour

device otherwise try with version 1

Let us know.

Regards.

Alain.

Hi,

I tried that and I didn't work....I think I should try without using RIP. So here is the basic topology:

The Cisco ASA connects to the inside 10. Network.....the 192. Network is behind a Netgear Firewall with a 192. adress and to a Switch which is connected to all 192. Devices........I also have 2 Terminal servers Multi-Honed with 192. and 10. addresses which can ping all the 192 devices just fine. Thank you so much....

Hi,

what didn't work ? the RIP v2 ? then can you configure a static route like this:

route inside 192.168.1.0 255.255.255.0 10.125.1.1 x  where this is the address of the Netgear device.

You should also verify the config of the Netgear.

Regards.

Alain

Sorry,

The RIP connection worked but only on the Multi-Honed 10. address..sh roun said the 192. address was probably down.

The problem is still that the ASA will not see the 192. network but my Servers with Mult-Honed addresses do see the 192. network......

Trying your static route soluion now

BRB

Thank You

Update - The Static route didn't work....I get the following error after using this:

route inside 192.168.1.0 255.255.255.0 10.125.1.1 192.168.1.50

I get invalid input detected at marker                          ^   (the ^ is supposed to be under the dot after the last 192)

So error is where the X is here:   route inside 192.168.1.0 255.255.255.0 10.125.1.1 192X

Please help.....getting down to the wire here......Thank you

OK, so here's where I stand.....

The Cisco can ping everything on and behind the 192. Network.....it was the Netgear, good call!!!

The only thing I need now is to allow the VPN users to access the 192. Network as well.....when I do a test connect, I can ping everything on 10. and I have the Internet with the Split Tunnel.....but nothing......of course...... on the 192. Network.

Any final help would be greatly appreciated! Thanks!!!!

Bob

I finally got it by building a new VPN profile.....Thank you for your help, I appreciate it!!!

Bob