
VPN Users Can Not Access Tunnel

jamesprice141
Level 1

Hi All,

I have a problem. I have 2 sites, both with ASA 5520s, and they are connected via a site-to-site VPN.

This works fine: all users in site A can access resources in site B and vice versa.

The problem comes when a user connects using a remote user VPN to site A: they cannot access or ping anything in site B, even though the FW issues them an IP in the range for site A.

I'm sure there is something simple I have missed.

Thanks

1 Accepted Solution


Jennifer Halim
Cisco Employee

If the VPN Client pool is in the same subnet as the site A LAN, then you are probably just missing the following:

1) Double-check whether you have a split tunnel policy, and that the site-B LAN is included in the split tunnel ACL.

2) Configure "same-security-traffic permit intra-interface" on the site A ASA.

If the above has been configured, please share the config from both ASAs to further check where the issue is.


Excellent, thank you, you are a star!

I was missing 2

Schoolboy error, works fine now.
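
The two checks from the accepted answer, written as a small audit over a site A running-config. This is an added example, not code from the thread or from Cisco; the sample config, the names RA-POLICY and SPLIT-TUNNEL, and both subnets are constructed, and only standard ACL entries are parsed.

```python
import ipaddress
import re

# Constructed running-config excerpt for the site A ASA (hypothetical names and subnets).
SAMPLE_CONFIG = """\
access-list SPLIT-TUNNEL standard permit 192.168.1.0 255.255.255.0
group-policy RA-POLICY internal
group-policy RA-POLICY attributes
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value SPLIT-TUNNEL
"""

def acl_networks(lines, name):
    """Networks permitted by a standard ACL (network/mask and host entries only)."""
    pat = re.compile(rf"access-list {re.escape(name)} standard permit (\S+) (\S+)")
    nets = []
    for line in lines:
        m = pat.fullmatch(line)
        if m:
            a, b = m.groups()
            spec = b if a == "host" else f"{a}/{b}"
            nets.append(ipaddress.ip_network(spec, strict=False))
    return nets

def check_hairpin(config, site_b_lan):
    """Return findings for the two items in the accepted answer (empty list = both present)."""
    site_b = ipaddress.ip_network(site_b_lan)
    lines = [line.strip() for line in config.splitlines()]
    findings = []
    # Item 2: the ASA must allow traffic to enter and leave the same interface.
    if "same-security-traffic permit intra-interface" not in lines:
        findings.append("missing: same-security-traffic permit intra-interface")
    # Item 1: with a tunnelspecified policy, the split tunnel ACL must cover site B.
    # Simplification: ACLs are checked config-wide, not per group-policy.
    if "split-tunnel-policy tunnelspecified" in lines:
        prefix = "split-tunnel-network-list value "
        for name in [l[len(prefix):] for l in lines if l.startswith(prefix)]:
            if not any(site_b.subnet_of(n) for n in acl_networks(lines, name)):
                findings.append(f"split tunnel ACL {name} does not cover {site_b}")
    return findings

if __name__ == "__main__":
    for finding in check_hairpin(SAMPLE_CONFIG, "192.168.2.0/24"):
        print(finding)
```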