07-21-2014 09:22 AM - edited 03-11-2019 09:30 PM
Hi..
I have been running IPSec RA VPN on ASA at my one location, i have recently setup a new location with new another ASA configured with IPSec RA VPN. I have configured same VPN group name on this new ASA.
I have been seeing a strange behaviour which is that when i create a vpn account on this new ASA and try connect to VPN it does not connect and when i create same vpn account on old ASA too, RA VPN starts connecting.
I have configured split tunnel on both ASA and both ASA are configured to assign ip to vpn user of different segment(like ASA-A : 10.110.50-90/24, ASA-B : 10.115.40.60/24).
i dont know why this is this issue, is this because of same group policy name or VPN group name.
Pls help me.
07-21-2014 10:15 PM
Hello,
No, it should not as both sites have different public IP addresses and the PCF file on the VPN client will be different.
There got to be a config issue.
Regards
jcarvaja
CCIE R&S 42930, 2-CCNP,JNCIS-SEC
Looking for a quick remote support session? Contact us at inetworks.cr
07-28-2014 09:12 PM
Hi,
Please enable couple of debuggings in the second (new ASA) RA connection:
debug crypto isakmp
debug crypto ipsec
Then, try to initiate the connection from the vpn client and paste the results here.
AM
07-28-2014 10:05 PM
Hi Anukalp,
Could you please provide the required configurations of VPN part for both the sites?
while doing modifications with the same configurations, you could have missed a simple thing?
Regards
Karthik
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide