About atishin

atishin · 05-08-2012

I have a functioning site-to-site VPN between two ASA 5505 appiances. Sub-net on one side is 192.168.20.0/24 (inside I/F) and on the other side is 192.168.30.0/24 (inside I/F). VPN is built over public Internet (outside I/Fs of those two ASAs). Now I...

atishin · 01-06-2012

I need to connect two internal LANs each of which has ASA as a firewall to outside. One has ASA 5505 with two interfaces and another - ASA 5510 with three interfaces. I managed to pass echo packets from one internal LAN to another, but not the TCP pa...

atishin · 11-21-2010

I have a small problem connecting XP L2TP client to ASA5505 L2TP/IPsec VPN. I have internal and external IPs for the same domain. When I am on VPN I suppose to resolve the same domain name into internal IP and this is happening on Windows 7, but not ...

atishin · 05-09-2012

Thank you for reply! It seems that based on a packet-tracer info ICMP packets should be going fine (see below), but when I do "ping 192.168.35.3" from 20.0 network - I get "Request timed out". asa-office# packet-tracer input inside icmp 192.168.20.12...

atishin · 01-08-2012

OK. Finally I managed to work it out. I disabled TCP State for that route (PBR is not available in ASA as I misassumed in previous suggesion). Here is what I did - just for sake of someone who might bump into similar problem:ASA(config)#access-list S...

atishin · 01-08-2012

Julio,I think I found explanation of my case - see this link: http://www.8-p.org/wiki/doku.php?id=asahairpinningAs I understand - when TCP packet originated from 30.0 net - it is routed via ASA5505 towards ASA5510, but when ASA5510 ack - it sends rep...

atishin · 01-07-2012

Windows firewall is disabled (entire service) on all our servers.I am not sure what you ask me to do with other server - do you want me to run packet tracer and use 30.2 instead of 30.6?

atishin · 01-07-2012

Julio,On 192.168.30.6 the default gateway is 192.168.30.1 (e.g. ASA 5505's inside interface). Here is trace from ASA 5505:Result of the command: "packet-tracer input inside tcp 192.168.30.6 1025 192.168.35.2 3389"Phase: 1Type: CAPTURESubtype: Result:...

Member Since	‎11-21-2010 06:31 PM
Date Last Visited	‎08-18-2017 03:55 AM
Posts	26

User Statistics

User Activity

Route another sub-net traffic via Site-to-Site VPN on ASA 5500

ASA route ping but not TCP packets between two internal LANs

L2TP/IPSec DNS split problem on Windows XP VPN client

Re: Route another sub-net traffic via Site-to-Site VPN on ASA 55

Re: ASA route ping but not TCP packets between two internal LANs

ASA route ping but not TCP packets between two internal LANs

Re: ASA route ping but not TCP packets between two internal LANs

Re: ASA route ping but not TCP packets between two internal LANs