04-27-2011 09:51 AM - edited 03-11-2019 01:26 PM
Hello Guys,
I have 2 ASA5505 firewalls. I have one that has a static ip address that has been configured for Remote Access IPSEC VPN. The other one at the remote site I have configured the server Ip address for the first firewall. I have also up the Easy Vpn section of the firewall and it seems to connect because I see a red VPN light on the remote Firewall and a Green light on the server 5505 Firewall. I however can not connect/ping across the tunnel to my servers at the first site but if I connect using the VPN Client it works perfectly. I have tried to ping in Client mode and NEM Mode with no luck. What could be the problem?
04-27-2011 10:01 AM
Hi,
If the configs on Server end and client end are correct, one reason is the client ASA not getting the your spilttunnel network (internal networks). On cleint ASA do 'show vpnclient detail' gives you more information on the policy. If you still have issues, post both end units configs.
hth
MS
04-27-2011 10:59 AM
How I manually bring the tunnel up? Ids there a connect button somewhere on this remote ASA?
04-27-2011 12:04 PM
'vnclient nem-st-autocnnect' command on client should automaticvally initiate the connection. There is no button. Basic config on client looks this way..
vpnclient server x.x.x.x y.y.y.y --> Primary & backup server ips.
vpnclient mode network-extension-mode
vpnclient nem-st-autoconnect
vpnclient vpngroup
vpnclient username
vpnclient enable
Post the configs for both unts.
hth
MS
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide