Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
468
Views
5
Helpful
1
Replies

IPSec l2tp access issue

itsonujaiswal
Level 1
Level 1

‎04-15-2017 01:44 AM - edited ‎02-21-2020 09:14 PM

Hi,

I had deploy Ipsec/l2tp on asa 5525, the client is connected and also can access remote network (ASA side) from client,

But when system from ASA network side like from lan try to connect vpn connected user through their assign ip address the connection is failing and doping packets   

client able to ping remote network but 

from ASA or ASA side network not able to ping client

6|Apr 15 2017|01:20:57|106015|10.30.5.1|8080|10.30.1.102|4003|Deny TCP (no connection) from 10.30.5.1/8080 to 10.30.1.102/4003 flags SYN ACK on interface outside
6|Apr 15 2017|01:20:56|106015|10.30.5.1|8080|10.30.1.102|4002|Deny TCP (no connection) from 10.30.5.1/8080 to 10.30.1.102/4002 flags SYN ACK on interface outside
6|Apr 15 2017|01:20:55|302014|10.30.5.1|8080|10.30.1.102|4003|Teardown TCP connection 4962 for outside:10.30.5.1/8080(LOCAL\user) to vlan5:10.30.1.102/4003 duration 0:00:30 bytes 0 SYN Timeout
6|Apr 15 2017|01:20:55|302014|10.30.5.1|8080|10.30.1.102|4002|Teardown TCP connection 4961 for outside:10.30.5.1/8080(LOCAL\user) to vlan5:10.30.1.102/4002 duration 0:00:30 bytes 0 SYN Timeout
6|Apr 15 2017|01:20:25|302013|10.30.1.102|4003|10.30.5.1|8080|Built outbound TCP connection 4962 for outside:10.30.5.1/8080 (10.30.5.1/8080)(LOCAL\user) to vlan5:10.30.1.102/4003 (10.30.1.102/4003)

Labels:
0 Helpful
1 Reply 1

Spooster IT Services
Level 7
Level 7

‎04-18-2017 01:54 PM

Have you configured NO NAT for this VPN traffic?

Can you paste or attach the configuration you have done for this VPN?

Spooster IT Services Team
Customers Also Viewed These Support Documents