I have a small request. I have a setup where the internal users within the corporate network need to remote VPN into the VPN concentrator.
The setup is as below
(202.x.x.x)VPN ASA 5520 ---------------- FW ------------- internal network
The problem is that the 10.0.0.0/8 internal network establishes the connection via the outside interface. However, the return path is via the inside interface. But the VPN concentrator keeps showing next-hop not reachable for UDP 500. Why does it show that when it has a route via the inside interface?
6|Jan 29 2013 13:44:38|110003: Routing failed to locate next hop for udp from NP Identity Ifc:202.x.x.x..29/62465 to outside:10.163..x.x/5892
Also, since we are trying to send traffic from outside to the inside interface, I tried to NAT the source IP, i.e. 202.x.x.x, and left the source unaltered.
But it still doesn't work.
I am wondering why the ASA is not routing via the inside interface and looks for the return traffic via the same outside interface the traffic entered in.
The outside has a security-level of 0 and the inside has a sec-level of 100.
Any help would be appreciated.
If you need any config etc., please let me know.