cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
451
Views
0
Helpful
2
Replies

Strange Problem Remote-Access-VPN

ciscocase
Level 1
Level 1

Hello,

I have a strange Problem with my Remote-Access-VPN. It worked for days until now. Client says the remote peer is not responding.

The Client can reach the ASA with ping but is not able to esablish a vpn-connection.

Stange is, the ASA shows nothing in debug-modus.

debug crypto ipsec enabled at level 7

debug crypto ikev1 enabled at level 7

It seems like, the VPN is not active or anything. Or there no packets arriving the firewall.

I tried different Clients from different ISP. Also connected me direkt to the outside-switch where the ASA is connected on.

Any Ideas?

Thanks for your help.

Regards

2 Replies 2

Jan Rolny
Level 3
Level 3

Hello,

you say that ping to remote ASA from client side works fine ok? So probably there is not ISP problem and ASA is reachable from internet.

Then I would check logs on ASA and see if remote IP from which client should connect is shown there. If you see ICMP and not other traffic in log so it seems like client side FW is blocking outgoing traffic for IPSEC or SSL VPN.

So i would check or ask remote client if there is some firewall blocking this traffic.

Regards,

Jan

Thanks für your answer.

I did nothing, but its now working again for me an my clients, but other clients still can not connect.

I've checked my clients for blocking something, but they did work before an now again, but some hours ago nothing. Some other Clients (iphones for example, still have trouble to connect/establish a vpn)

Strange. I look further into this, but i do not think that the Problem is on the client side.

Regards Torsten