Limited Resources accessible through VPN tunnel

dbuckley77
Level 1

I have an IPsec VPN tunnel set up between an ASA 5505 on our end and a Sophos on our associate's end. We are having several issues. The first is that I defined our network that they can access as IP address 10.100.x.x through 10.100.x.x, but they can only access .x and .x. I used the VPN setup wizard and created a group policy also. I did not create any access rules independently, as it was my understanding that specifying the remote and local networks while setting up the VPN took care of this. Also, the associate cannot initiate the tunnel; only we can. I have pasted the ASA config below and would appreciate any help. The tunnel in question is the x.x.x.x. tunnel. Thanks

1 Reply

Hi,

Your ACL used for the crypto map, shown below, must be mirrored at the remote site:

access-list outside_2_cryptomap extended permit ip object-group Lawson_VPN host Lawson_VPN_External

Now the object group Lawson_VPN has the individual hosts, so the ACL will have many entries.

It would be easier if you had an

object Lawson_VPN_subnet
network 10.100.6.64 255.255.255.248

and used that

HTH

Richard.
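
The mirroring requirement from the reply above can be checked offline before touching either firewall. This is an added example, not part of the original thread: it compares each side's crypto ACL entries as (source, destination) pairs and lists local entries the peer does not mirror exactly. The host addresses and the peer address 192.0.2.10 are constructed stand-ins for the redacted values; only 10.100.6.64 255.255.255.248 comes from the thread.

```python
import ipaddress

def selectors(pairs):
    """Normalise (source, destination) strings into a set of network pairs."""
    return {(ipaddress.ip_network(s), ipaddress.ip_network(d)) for s, d in pairs}

def unmirrored(local_pairs, remote_pairs):
    """Local selectors with no exact (destination, source) mirror on the peer."""
    remote = selectors(remote_pairs)
    return sorted(p for p in selectors(local_pairs) if (p[1], p[0]) not in remote)

def outside(hosts, subnet):
    """Hosts that a proposed summary subnet would NOT cover."""
    net = ipaddress.ip_network(subnet)
    return [h for h in hosts if ipaddress.ip_address(h) not in net]

# Constructed sample data (the thread redacts the real addresses).
PEER = "192.0.2.10"                               # stands in for Lawson_VPN_External
HOSTS = [f"10.100.6.{n}" for n in range(65, 71)]  # stands in for object-group Lawson_VPN
SUBNET = "10.100.6.64/29"                         # 10.100.6.64 255.255.255.248 from the reply

LOCAL_PER_HOST = [(h, PEER) for h in HOSTS]       # one ACL entry per host, as on the ASA
REMOTE_PER_HOST = [(PEER, h) for h in HOSTS[:2]]  # assumption: peer defined only two hosts
LOCAL_SUBNET = [(SUBNET, PEER)]                   # the single-entry form the reply suggests
REMOTE_SUBNET = [(PEER, SUBNET)]                  # its mirror on the peer

if __name__ == "__main__":
    for src, dst in unmirrored(LOCAL_PER_HOST, REMOTE_PER_HOST):
        print(f"no mirror on peer for: permit ip {src} {dst}")
    print("hosts outside summary:", outside(HOSTS, SUBNET))
    print("subnet on both sides:", unmirrored(LOCAL_SUBNET, REMOTE_SUBNET))
    # Summarising on one side only still leaves the selectors mismatched.
    print("subnet on one side only:", unmirrored(LOCAL_SUBNET, REMOTE_PER_HOST))
```

With the constructed data, four of the six per-host entries have no mirror, which matches the symptom of only two addresses being reachable; the summary subnet only helps if both ends switch to it.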
