cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1200
Views
5
Helpful
4
Replies

ASA Site to Site and SSL VPN stop working

pinnaclecsg
Level 1
Level 1

Thanks in advance for any tips

We have an ASA 5510 that users have been able to log in via for any connect without any issues. We opened a new office using a ASA 5505 and decided to give site to site VPN over IPSec. We used the basic wizard and everything went smooth on both ends. However, users that still used SSL VPN said while they could connect to the original site they are not able to RDP anymore into their virtual machines or get anywhere on the network. I am not sure why something like this may have happen.

1 Accepted Solution

Accepted Solutions

Can you change the SSL VPN DHCP scope to give out a different subnet of IPs. Maybe try 192.168.10.0 255.255.255.0. Let me know if you can and if that remedies the issue.

Sent from Cisco Technical Support iPhone App

Shawn Eftink CCNA/CCDA Please rate all helpful posts and mark correct answers to assist others searching for solutions in the community.

View solution in original post

4 Replies 4

SHAWN EFTINK
Level 5
Level 5

Good chance this will be a routing issue, which in the world of VPNs is generally related to "interesting traffic" for the VPNs.
Can you confirm that the IPs at the main office, remote office, and those assigned to SSL VPN users when they connect are not in the same or overlapping subnets?

Sent from Cisco Technical Support iPhone App

Shawn Eftink CCNA/CCDA Please rate all helpful posts and mark correct answers to assist others searching for solutions in the community.

Thank you for your reply

The main office has an internal ip range of 192.168.75.0 with I believe 255.255.255.0

The remote office has a internal ip range of 192.168.1.0 with I believe 255.255.255.0

When the VPN user logs in they are given 192.168.75.180-200 via dchp

I know the outside static ops are on different subnets

Can you change the SSL VPN DHCP scope to give out a different subnet of IPs. Maybe try 192.168.10.0 255.255.255.0. Let me know if you can and if that remedies the issue.

Sent from Cisco Technical Support iPhone App

Shawn Eftink CCNA/CCDA Please rate all helpful posts and mark correct answers to assist others searching for solutions in the community.

Thank you for your help

The problem is solved!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: