Solved: Re: Cisco asa vpn ipsec connected to cisco 887vaw - Page 3

Hamid Amir · ‎11-10-2017

Hi

I have cisco asa connected to cisco 887vaw router with dsl internet connection.

I have internet connection working on both. I have configured vpn IPsec on cisco asa, I can connect from inside but I can not connect from remote.

can you help please?

Richard Burts · ‎12-05-2017

Hamid

I see this in the config

ip access-list extended LAN
permit ip any any

I suggest that you remove the permit any any from the ACL.

I wonder if anything shows up in the logs on the router when you attempt to start the VPN from an Internet source?

Perhaps it might show us something helpful if you turn on debug for address translation on the router and then attempt to start the VPN from an Internet source, and then look for any debug output.

HTH

Rick

HTH

Rick

Hamid Amir · ‎12-06-2017

Hi Richard

Thank you very much for your reply.

It is working with removing permit ip any any, but I loose internet connection for the router.

any solution for that please ?

Kind Regards

Hamid

Hamid Amir · ‎12-06-2017

Hi Richard

The router internet connection is working by add ip permit vlan 1 network address.
Thank you very much fro your great help.

Best Regards
Hamid

Richard Burts · ‎12-07-2017

Hamid

I am very glad to know that you have resolved this issue and that it is working.

HTH

Rick

HTH

Rick

Hamid Amir · ‎12-06-2017

Hi Richard,
The internet is working by adding ip permit for vlan1 network address.
Thank you very much for your great help.

Kind Regards

Hamid