
Help with Remote VPN

Ben Sebborn
Beginner

Hi

We have a Remote IPSec VPN setup on our Cisco ASA 5505.

This allows a connection, however when we try and route traffic for our internal network, plus a set of external IPs, we get the traffic blocked for VPN users.

I am presuming this is either an ACL or NAT issue but I'm not sure exactly.

I have created the following:

access-list skiddlevpn_splitTunnelAcl standard permit 192.168.2.0 255.255.255.0
access-list skiddlevpn_splitTunnelAcl standard permit 164.177.132.16 255.255.255.252
access-list skiddlevpn_splitTunnelAcl standard permit 164.177.128.200 255.255.255.25

I have also noticed that the DHCP pool we use for VPN clients is overlapping with our internal network:

ip local pool CiscoVPNDHCPPool 192.168.2.130-192.168.2.149 mask 255.255.255.0

This has worked before, but perhaps I'm now missing something?

I have noticed a few errors such as this, which I'm not sure if they are connected:

%ASA-5-305013: Asymmetric NAT rules matched for forward and reverse flows; Connection for udp src outside:192.168.2.130/54762 dst inside:OfficeWindowsServer/53 denied due to NAT reverse path failure
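
The pool/ACL overlap mentioned in the post can be checked mechanically. The following is an added example, not part of the original post: it parses the configuration lines quoted above, reports any address pool that falls inside a split-tunnel ACL entry, and flags lines whose mask does not parse instead of guessing at them. The function name `audit` and the two regular expressions are assumptions of this example.

```python
import ipaddress
import re

# Configuration lines copied from the post above (third ACL mask kept as posted).
CONFIG = """\
access-list skiddlevpn_splitTunnelAcl standard permit 192.168.2.0 255.255.255.0
access-list skiddlevpn_splitTunnelAcl standard permit 164.177.132.16 255.255.255.252
access-list skiddlevpn_splitTunnelAcl standard permit 164.177.128.200 255.255.255.25
ip local pool CiscoVPNDHCPPool 192.168.2.130-192.168.2.149 mask 255.255.255.0
"""

ACL_RE = re.compile(r"^access-list (\S+) standard permit (\S+) (\S+)$")
POOL_RE = re.compile(r"^ip local pool (\S+) (\S+)-(\S+) mask (\S+)$")


def audit(config):
    """Return (overlaps, invalid): pools inside ACL networks, and unparseable lines."""
    acls, pools, overlaps, invalid = [], [], [], []
    for line in config.splitlines():
        line = line.strip()
        try:
            if m := ACL_RE.match(line):
                # strict=False tolerates host bits; a bad mask still raises ValueError
                net = ipaddress.ip_network(f"{m[2]}/{m[3]}", strict=False)
                acls.append((m[1], net))
            elif m := POOL_RE.match(line):
                first, last = ipaddress.ip_address(m[2]), ipaddress.ip_address(m[3])
                ipaddress.ip_network(f"{m[2]}/{m[4]}", strict=False)  # validates the mask
                # Express the start-end range as CIDR blocks so it can be compared
                blocks = list(ipaddress.summarize_address_range(first, last))
                pools.append((m[1], blocks))
        except ValueError as exc:
            invalid.append((line, str(exc)))
    for pool_name, blocks in pools:
        for acl_name, net in acls:
            if any(block.overlaps(net) for block in blocks):
                overlaps.append((pool_name, acl_name, str(net)))
    return overlaps, invalid


if __name__ == "__main__":
    found, bad = audit(CONFIG)
    for pool, acl, net in found:
        print(f"pool {pool} overlaps {acl} entry {net}")
    for line, err in bad:
        print(f"cannot parse: {line!r} ({err})")
```

The check only reports address overlap and malformed masks; it does not evaluate NAT rules.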

9 Replies