06-07-2007 07:55 AM - edited 03-09-2019 06:08 PM
I'm a newbie, but here's what I have.
Set up ASA 5510 VPN IPsec (preshare) and relayed user authentication to our DC. I have an ACL set up for inside LAN access and split tunnel for internet usage.
Here is my deal. When I connect via VPN client, I am able to access the local LAN, netshares, intranet, etc. (good, that's what I want). I also have a proper IP from the VPN pool created. I can even ping inside (DC, users, etc.). I just can't see the VPN client (user that is logged in remotely) from the inside at all (from DNS or VPN pool generated IP). I can't ping them or anything.
I'd like to see these guys when they are on the lan like a normal user on the lan. I'm sure you guys can throw some suggestions at me.
Basically I can't see my users when they are logged into the VPN, but they can see everything on the LAN. Their firewalls are down, etc. I need to see them for troubleshooting remotely, amongst other things.
Thanks.
06-07-2007 08:01 AM
Try disabling the Cisco VPN client firewall.
06-07-2007 11:26 AM
Thanks mate!
I was able to pcAnywhere into the VPN client from my admin console with no problems.
Still can't ping one another, but I guess it's not that big a concern since everything else works fine.
As long as they can resolve to DNS and everything, I guess I'm good.
06-29-2007 09:17 AM
Do you have reverse route set up for the crypto map?