Solved: Unable to get to server.

mx · ‎04-20-2009

Hi everyone. Im stumped on an ASA config. When I vpn in I cant get to a specific server and its driving me nuts.

when I vpn in I get a 172.16.1.x address. Server Im trying to get to is 10.94.8.211 to port 80.

I think the app needs to get to it by its domain name which isnt helping me i.e. http://testserver/url.

However when I vpn in I cant even ping it or http to the address. From inside the LAn, no problem. And of course from the asa CLI I can ping the server fine.

I tried a bunch of things but nothing worked for me.. Im attaching the config. Thanks for any help you might have.

Bob

acomiskey · ‎04-20-2009

If you have an internal dns server which can resolve it to it's internal address then add...

dhcpd dns x.x.x.x

View solution in original post

andrew.prince · ‎04-20-2009

Bob,

Does the server know how to reach 172.16.1.0/24 address?? If not but the server has a default layer 3 gateway - does the layer 3 gateway know the 172.16.1.0/24 subnet is via the ASA inside IP address?

mx · ‎04-20-2009

Andrew, thank you for the reply. Let me verify...

acomiskey · ‎04-20-2009

Add...

isakmp nat-traversal

mx · ‎04-20-2009

This command helped, it allows me to now ping it by address but not name. It seems like I still need to resolve the server by name.

I assume I can add dhcpd wins x.x.x.x ?

acomiskey · ‎04-20-2009

If you have an internal dns server which can resolve it to it's internal address then add...

dhcpd dns x.x.x.x

mx · ‎04-20-2009

Thank you acomiskey, that worked as hoped!