We have setup a connection between the Cisco client on a laptop and a Cisco ASA 5510.

The tunnel is working allright when I'm using an open tunnel (no firewall in Group Policy).

But when I apply an ACL to the VPN connection (Group Policy) there can't go any UDP traffic through the tunnel. TCP connection are working well.

Here is my ACL:

access-list ipsec_homeworkers remark DNS requests

access-list ipsec_homeworkers extended permit udp 10.10.0.0 255.255.255.0 192.168.0.0 255.255.255.0 eq domain

access-list ipsec_homeworkers remark TTCP test tool

access-list ipsec_homeworkers extended permit udp 10.10.0.0 255.255.255.0 192.168.0.0 255.255.255.0 eq 5001

access-list ipsec_homeworkers remark TTCP test tool

access-list ipsec_homeworkers extended permit tcp 10.10.0.0 255.255.255.0 192.168.0.0 255.255.255.0 eq 5001

access-list ipsec_homeworkers remark RDP

access-list ipsec_homeworkers extended permit tcp 10.10.0.0 255.255.255.0 192.168.0.0 255.255.255.0 eq 3389

access-list ipsec_homeworkers remark Kerberos poort 88

access-list ipsec_homeworkers extended permit tcp 10.10.10.0 255.255.255.0 192.168.0.0 255.255.255.0 eq 88

access-list ipsec_homeworkers remark Netbios name services

access-list ipsec_homeworkers extended permit udp 10.10.0.0 255.255.255.0 192.168.0.0 255.255.255.0 eq netbios-ns

access-list ipsec_homeworkers remark Netbios datagram services

access-list ipsec_homeworkers extended permit udp 10.10.0.0 255.255.255.0 192.168.0.0 255.255.255.0 eq netbios-dgm

access-list ipsec_homeworkers remark Netbios session services

access-list ipsec_homeworkers extended permit tcp 10.10.0.0 255.255.255.0 192.168.0.0 255.255.255.0 eq netbios-ssn

access-list ipsec_homeworkers remark Netbios over TCP

access-list ipsec_homeworkers extended permit tcp 10.10.0.0 255.255.255.0 192.168.0.0 255.255.255.0 eq 445

access-list ipsec_homeworkers extended permit icmp 10.10.0.0 255.255.255.0 192.168.0.0 255.255.255.0

Does anybody know how to solve this problem?

With kind regards,

Rene Eijzenga