remote VPN access 5515X

Hello,

I already configured remote VPN access on a 5515X, but I have an issue: when the clients connect to the remote VPN, DHCP assigns me an IP but there is no default route in ipconfig on the PC/laptop. Also, I can access the network configured for the clients, but I cannot access the networks inside my firewall 5515X.

This ACL is for the permitted networks for access:

access-list VPNSplit remark VPN-Internet
access-list VPNSplit standard permit 10.10.0.0 255.255.0.0
access-list VPNSplit standard permit 10.1.0.0 255.255.0.0
access-list VPNSplit standard permit 10.2.0.0 255.255.0.0
access-list VPNSplit standard permit 10.21.0.0 255.255.0.0
access-list VPNSplit standard permit 10.22.0.0 255.255.0.0
access-list VPNSplit standard permit 10.6.0.0 255.255.0.0
access-list VPNSplit standard permit 192.168.0.0 255.255.0.0
access-list VPNSplit standard permit 10.29.0.0 255.255.0.0
access-list VPNSplit standard permit 10.28.0.0 255.255.0.0
access-list VPNSplit standard permit 10.27.0.0 255.255.0.0
access-list VPNSplit standard permit 10.23.0.0 255.255.0.0
access-list VPNSplit standard permit 10.19.0.0 255.255.0.0
access-list VPNSplit standard permit 10.9.0.0 255.255.0.0

Configuration for the remote VPN:

aaa-server LDAP_AXFI (Inside) host 10.10.0.12
 ldap-base-dn OU=Admin, OU=People, DC=XXXXXX, DC=com
 ldap-scope subtree
 ldap-naming-attribute sAMAccountName
 ldap-login-password *****
 ldap-login-dn cn=CiscoLDAP,ou=ServiceAccounts,ou=Services,dc=XXXXXX,dc=com
 server-type microsoft
crypto ipsec ikev2 ipsec-proposal AES256
 protocol esp encryption aes-256
 protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES192
 protocol esp encryption aes-192
 protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES
 protocol esp encryption aes
 protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal 3DES
 protocol esp encryption 3des
 protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal DES
 protocol esp encryption des
 protocol esp integrity sha-1 md5
crypto map outside_map 90 ipsec-isakmp dynamic dinomap
crypto ikev2 policy 1
 encryption aes-256
 integrity sha
 group 5 2
 prf sha
 lifetime seconds 86400
crypto ikev2 policy 10
 encryption aes-192
 integrity sha
 group 5 2
 prf sha
 lifetime seconds 86400
crypto ikev2 policy 20
 encryption aes
 integrity sha
 group 5 2
 prf sha
 lifetime seconds 86400
crypto ikev2 policy 30
 encryption 3des
 integrity sha
 group 5 2
 prf sha
 lifetime seconds 86400
crypto ikev2 policy 40
 encryption des
 integrity sha
 group 5 2
 prf sha
 lifetime seconds 86400
tunnel-group RemoteAccess type remote-access
tunnel-group RemoteAccess general-attributes
 address-pool VPNPOOL
 authentication-server-group LDAP_AXFI
 default-group-policy RemoteAccess
tunnel-group RemoteAccess ipsec-attributes
 ikev1 pre-shared-key *****

Do I need to change IKEv1 to IKEv2 for the remote VPN?

What could be the issue?

Regards,

4 Replies

Jennifer Halim, Cisco Employee

Please kindly share the whole config to see what could possibly be the issue.

Have you configured NAT exemption?

To answer your question, no, you don't need to change to IKEv2 as the IPsec VPN Client only supports IKEv1.

These are my NAT rules:

nat (Inside,Outside) source static SiteA SiteA destination static SiteB SiteB no-proxy-arp route-lookup
!
!
nat (Inside,Outside) after-auto source dynamic SiteA interface

Do I need to apply a NAT rule for the remote VPN network also?

What will this new NAT configuration be?

Regards,

Yes, you would also need to configure NAT exemption for the remote VPN pool.

Hello,

These are the NAT rules I configured:

nat (Inside,Outside) source static SiteA SiteA destination static SiteB SiteB no-proxy-arp route-lookup
nat (Inside,Outside) after-auto source dynamic SiteA interface

The configuration for the remote VPN pool will be: ip pool 10.10.26.1 - 10.10.26.50

nat (Inside,Outside) source static any any destination static VPNpool VPNpool no-proxy-arp route-lookup

Is it correct, or do I need to make other changes?

Best Regards
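The following is an added worked example, not configuration from the original poster or from the replies, showing the two pieces the thread converges on: a section 1 (manual) NAT exemption for the remote-access pool, so that inside-to-client traffic is not caught by the after-auto dynamic PAT to the outside interface, and the group-policy lines that bind the VPNSplit ACL as the split-tunnel list. It reuses the names from the thread (interfaces Inside and Outside, pool VPNPOOL, group-policy RemoteAccess, ACL VPNSplit, the pool range 10.10.26.1-10.10.26.50); the object names VPN_POOL and INSIDE_NETS are chosen here and assumed, and the example assumes the pool does not overlap a directly connected inside subnet. With split-tunnel-policy tunnelspecified the client installs routes only for the networks in the list, so the absence of a VPN default route in ipconfig is the expected behaviour, not a fault. The exemption uses the permitted inside networks as the source rather than any, which keeps the identity NAT scoped to what the split list actually allows.

```cisco
! Added example (not from the original post or replies).
! Assumed names: VPN_POOL, INSIDE_NETS. Thread names: Inside, Outside,
! VPNPOOL, RemoteAccess, VPNSplit, pool range 10.10.26.1-10.10.26.50.

! Address pool handed to connecting clients (range as stated in the thread).
ip local pool VPNPOOL 10.10.26.1-10.10.26.50 mask 255.255.255.0

! Network object for the pool, so NAT rules can reference it.
object network VPN_POOL
 range 10.10.26.1 10.10.26.50

! Internal networks VPN users are allowed to reach (mirrors the VPNSplit ACL).
object-group network INSIDE_NETS
 network-object 10.10.0.0 255.255.0.0
 network-object 10.1.0.0 255.255.0.0
 network-object 10.2.0.0 255.255.0.0
 network-object 10.21.0.0 255.255.0.0
 network-object 10.22.0.0 255.255.0.0
 network-object 10.6.0.0 255.255.0.0
 network-object 192.168.0.0 255.255.0.0
 network-object 10.29.0.0 255.255.0.0
 network-object 10.28.0.0 255.255.0.0
 network-object 10.27.0.0 255.255.0.0
 network-object 10.23.0.0 255.255.0.0
 network-object 10.19.0.0 255.255.0.0
 network-object 10.9.0.0 255.255.0.0

! Section 1 identity NAT (NAT exemption): inside networks <-> VPN pool keep
! their real addresses. Manual rules are evaluated before the after-auto
! dynamic PAT "nat (Inside,Outside) after-auto source dynamic SiteA interface",
! so replies to VPN clients are no longer PATed to the outside interface.
! no-proxy-arp stops the ASA answering ARP for the pool on Inside;
! route-lookup makes the egress interface decision use the routing table.
nat (Inside,Outside) source static INSIDE_NETS INSIDE_NETS destination static VPN_POOL VPN_POOL no-proxy-arp route-lookup

! Bind the split-tunnel ACL to the group policy the tunnel-group already
! references (default-group-policy RemoteAccess). Clients receive routes
! only for the VPNSplit networks; everything else stays on the local gateway.
group-policy RemoteAccess internal
group-policy RemoteAccess attributes
 vpn-tunnel-protocol ikev1
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value VPNSplit

! Verification once a client is connected:
! - the exemption rule should show untranslate_hits / translate_hits increasing
! - packet-tracer from an inside host to a client address should end in ALLOW
!   with the identity NAT phase, not the dynamic PAT
show nat detail
show vpn-sessiondb remote
packet-tracer input Inside tcp 10.10.0.12 445 10.10.26.5 1025
```

If the VPN pool were ever moved outside 10.10.0.0/16, the VPNSplit ACL and INSIDE_NETS would not need to change, but any site-to-site identity rule such as the SiteA/SiteB line above still has to leave client traffic alone, so check show nat detail for overlapping section 1 rules after adding the exemption. The IKEv2 policies and proposals pasted in the question are not used while clients negotiate IKEv1, but they still offer des, 3des and md5; if IKEv2 is enabled later, remove those before exposing the policy set.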