Cisco Routers :: ASA5520 - Unable To Ping From Corporate Network
Sep 14, 2012
I have created an IPSEC VPN tunnel using a Cisco ASA5520 (corporate) to a Cisco SRP541W (remote). The corporate subnet is 10.1.0.0/16, and the remote subnet is 192.168.1.0/24. From the remote subnet, I can ping anything on the 10.1.0.0 corporate network, but I cannot ping from the corporate network to the remote subnet. At first I thought this was something obvious, perhaps an incorrect acl or something easy on the corporate firewall. However, we have several other vpn tunnels established, all set up the same, and they work just fine. After looking at it a bit more closely, if I ping the remote subnet I see the hit counter increment by one each time, which leads me to believe that traffic is in fact being routed properly.Now I'm thinking that something in the remote SRP541W that is not allowing icmp traffic, but I can't find it anywhere. To be honest I have never used this type of firewall before, they have all been Cisco PIX501/506e and ASA5500 models.
View 2 Replies
ADVERTISEMENT
Sep 13, 2011
I configured ASA5520 and RV042 for site-to-site IPSec VPN tunnel.Tunnel get connected, but no ping, no traffic between both end network.
Network:
=======
192.168.113.0/24----------192.168.113.6 -ASA--------public, static IP address------Cisco 2821--------Internet
192.168.10.0/24-----------192.168.10.1 -RV042-----public, static IP address------Cisco 2821--------Internet
ASA5520 config:
----------------------
name 192.168.10.0 VPN
!
interface GigabitEthernet0/1
nameif NET
security-level 100
ip address 192.168.113.6 255.255.255.0
[code]....
View 5 Replies
View Related
Mar 14, 2011
I am having trouble with routing in PIX501.I have one Pix 501 and one Cisco router.Cisco Router is configured for IPSEC VPN ( LAN interface 172.19.194.1) and PIX is configured for access the internet.Default gateway of Pcs in LAN are PIX inside interface ( 172.19.194.2) but people are unable to access to corporate network but can access the internet.If i set default gateway to Cisco router LAN interface ( 172.19.194.1)then i can access to corporate network.Purpose is to pass the internet traffic using PIX 501 and corporate network traffic using Cisco router.
View 6 Replies
View Related
Nov 26, 2011
I have an RV042 using Quick VPN to connect to a remote network. I have port 1723 forwarded to a static IP address on a Windows 7 Pro 64 bit PC. I can establish the VPN and ping a printer but not the Win 7 PC. I can not acccess any shares on the pc via the IP address. It has Norton Antivirus and Windows Firewall. This remote PC replaced a Windows xp PC that allowed access to the shares. I have tried access with a Windows XP Pro and Windows Vista Home Premium PC. Neither have worked.
View 1 Replies
View Related
Jan 13, 2012
I have two windows 2008 machines on vmware. I assign 10.0.0.1/8 and 10.0.0.2/8 to them. Both connected to same virtual switch. Now should these two PCs ping each other? In my case they dont ping. What i get is Repy from <ip address>: Destination host unreachable.
View 2 Replies
View Related
Mar 21, 2011
I have a Belkin Wireless G Plus MIMO Router and had no problems connecting to corporate in the past until several months ago. I can connect just fine if I bypass the router and connect to the modem. I also have no problem if I go to places like Subway. There is no problem with the wireless internet connection, only a problem when I try to connect to corporate through the VPN.
View 3 Replies
View Related
May 21, 2012
Looking for routing with an SA540 router connecting to corporate VPN.We have an odd configuration that is beyond the scope of what I have configured previously with these devices..I am trying to configure the routing to the additional IP addresses listed for the HQ. The VPN tunnel between the .26.120.x and the .17.0.0 networks is built however it does not appear to be routing. The Cisco administrator at the HQ site says that they have "fully configured the routing" from all the listed IP addresses back through the VPN tunnel. The options I am unsure of for configuration of the SA540 router are: GW - I believe that I use the internal IP address of the 17.26.120.x router.Is this logical since the VPN tunnel. We are using NAT for the firewall internally.The existing 3 172.26.x.x VPN tunnels are live and working and fully routing between themselves.
View 2 Replies
View Related
Feb 27, 2013
A new Windows 8 computer can't access the SSLVPN corporate connection.
When we try to access the SSLVPN website to download the launcher (you have to download the VPN launcher everytime for our configuration), you can log in and that's fine, and then you can click on the VPN Tunnel link, a popup shows up but it doesn't actually download the launcher. Solutions we've tried so far:
1) Reinstalling C++ Redistirbutable
2) Adding the site to trusted sites and allowing unsigned ActiveX controls
3) Removing all internet objects through internet options.
Is there anything else we can try?
View 3 Replies
View Related
Mar 7, 2011
I am trying to introduce an ASA5520 to my network based on the following diagram: ISP Internet ------> ASA5520 ------- > Cisco Router ------> LAN. The problem is I cannot ping the ASA from the LAN. I can ping it from inside the router. I already allow ICMP within ASA. If i remove the cisco router and replace it by a swich, I can ping the ASA with NO problem.
View 5 Replies
View Related
Jul 27, 2012
i'm configuring the network using static routing from the information above. can i know why i'm unable to ping from pc 1 to pc2 and pc0 to pc2?
View 8 Replies
View Related
May 22, 2013
I have Cisco ASA5520 with a 8.4 code in GNS3. I have a problem pinging to the internet. On the ASA console, I can ping to outside world, but on vpc I cannot ping the outside world. But I can ping the ASA Inside interface and other VLANs, no problem. [code]
View 3 Replies
View Related
Feb 13, 2012
I am missing something and i dont no what but i am trying to ping a pc on the same network but get a destination host is unreachable. Can any one think of anything that could be causing this, i can ping the default gateway and internet address's?
!
interface FastEthernet0
no cdp enable
[Code].....
View 11 Replies
View Related
Aug 22, 2012
I have a ASA5520 with 4 Port channel interfaces and ASA Version 8.4.(2). There are many vlan interfaces but in the DMZ I have one Server who has a Static NAT to all other interfaces.
Why the first ping works and the others doesn´t work?
View 12 Replies
View Related
Nov 5, 2012
So I have a client with an ASA 5520 running version 9.0 (was on 8.4) that I am trying to get either IPSec or SSL VPN configured on. I got everything setup and tried to connect. However, I couldn't connect to either. I fired up the real time monitoring and didn't see any syslog messages referring to a VPN build up. I also enabled SSH/Telnet on the outside interface and cannot connect to the ASA outside interface. I can ping the outside interface and can ping the internet from the ASA. I did set up a test ACL on the ASA and ran packet tracer on it and the results came back fine.
There is an IPS in the ASA as well, but I disabled the ACL for that and still am having these issues. Part of me wonders if the ISP has something set up to block inbound traffic. This should be a business class connection.
View 5 Replies
View Related
Nov 7, 2012
I have 5 Static Ip pool all IPs are working fine. I have deploy a IIS Server on Windows2008 and configure the Static IP on that server. earlier it was working fine . but since last month the IP is not pinging from Out Side but internal IP Pool its working. I have checked the SERver firewall and another Setting is Ok. if i changed the Ip from the server the new IP is also not pinging.
View 1 Replies
View Related
Apr 23, 2013
I would like to setup a VPN to allow employees nomad that connect to our network from outside. Our router is a Cisco SA520 I tried different configurations without success ...Here is the current VPN configuration:I created my users IPSec, I can connect remotely, but I do not have network access ... Unable to access network shares, impossible to ping.
View 1 Replies
View Related
May 30, 2012
How can i to prevent the demonstration of a software in corporate network?
View 2 Replies
View Related
Feb 7, 2012
I have a computer that was previously connected on-site (hard wired) to a corporate network. I am now attempting to connect it on-site to my home network. While I have a live Internet connection going into the computer, I cannot connect to the Internet. Is there soem sort of setting adjustment that i need to make?
View 5 Replies
View Related
Sep 30, 2012
Looking for input on creating a guest VLAN for a client. The goal is to create a guest VLAN that doesn't have access to the corporate network using one DSL modem. They currently have a managed switch (3COM Baseline Switch 2928-SFP Plus). There are no existing VLANs or guest access. Additionally, they are looking for a WAP that supports captive portal.
View 10 Replies
View Related
Mar 17, 2013
I have created a VPN connection for ASA 5512-X by using the wizards and nothing seems to be wrong on the wizards's config.I am able to connect to the network by using the VPN but unable to ping internal network.Below is my config for your reference:
Result of the command: "sh run"
: Saved
:
ASA Version 8.6(1)2
!
hostname FAA-ASA-1
enable password crzcsirI44h2BHoz encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
[code].....
View 6 Replies
View Related
Jan 22, 2012
I have newly deployed network. I have two ASA5520-AIP20-k9. both connected to ISP and configured as Active/standby failover. the ASAs were working fine at first but later on, the internet connection becomes very slow. the ping reply i am getting from my next hop(ISP router) varies during the peak hour is some times in 2000 msec or above but during off hours, the ping reply time is 1 and 2 msec. when I directly connect my laptop to the link that comes from the ISP its ping reply is 1msec and 2msec. I thought the ping reply of the ASA5520 to the ISP gateway should be constant and should be 1 and 2 msec regardsless of the traffic passing through the firewall.
View 1 Replies
View Related
Apr 20, 2011
i have a new smc router and my local ip address and remote ip addresses are very similar. The remote ip address is updating my dns server but i am unable to ping it. Its something like 122.61.xxx.1 ?
View 8 Replies
View Related
Jan 18, 2013
From My Router that connects to Cable modem i am unable to ping website 4.2.2.2I am able to ping all other websites fines.Same website i can ping from my pc and all other switches fine.Router has only 1 ACL thats for NAT.
View 25 Replies
View Related
May 19, 2011
I'm trying following this for setting up 2 routers: [URL]I see the 1.1 is able to ping 1.2 but 1.2 is not able to ping 1.2 why?
View 4 Replies
View Related
Feb 27, 2012
I have installed and setup cisco anyconnect on a win2008 server. It is able to authenticate successfully but upon trying to establish the vpn connection to the asa5520, it shows "unable to establish vpn". Other servers and pc from the same remote site is able to establish the vpn.
View 1 Replies
View Related
Aug 5, 2011
I have a RVS4000 at one location and a second RVS4000 at home. I have established an IPSec VPN tunnel between them and it is UP. I can ping the routers from each end no problem. I can ping the IPs listed in the "Local Group Setup" and the "Remote Group Setup" from both ends no problem. I can even open up a shared resource from a Win 7 machine (e.g. by typing \10.10.10.100 in start-run from a computer on my home network).
But - i can't ping anything else on one network from the other. What gives? I need to access a 10.10.10.101 machine but can't even ping it.
- both RVS4000 boxes have latest firmware (V1.3.3.5)
- home RVS4000 setup with IP 10.10.11.1
- home network has a server with IP 10.10.11.20
- other location RVS4000 setup with IP 10.10.10.1
- other location server setup with IP 10.10.10.100
Tunnel settings on home RVS4000 (the other location properly mirror these).
- Local Security Gateway Type : IP Only
- Local Security Group Type : Subnet
[code]....
View 2 Replies
View Related
Apr 3, 2013
I have two Cisco routers - 2911 in HQ and RV180 in branch office. Because in HQ LAN network I have some development servers, to which guys from branch office need to have acces, I decided to setup VPN site-to-site between HQ and branch office. Everything went quite smoothly, on both devices I see, that ipsec connection is established. Unfortunately I am not able to ping resources from one network to other one and vice versa. Below is the configuration of 2911 router (I skipped som unimportant (imho) configuration directives) :
crypto isakmp policy 1
encr 3des
hash md5
[Code].....
View 9 Replies
View Related
Jan 7, 2013
I am able to access ASA via hostname but with IP address it does not work.Need to know what config i need to put so i am able to access it using IP by ssh and ASDM? ASA is 5520 version is 8
View 12 Replies
View Related
Jun 1, 2011
I recently had a vendor configure our 2 firewalls (ASA5520). We are replacing a active-failover PIX525 firewall in 2 locations. After the vendor configured the new ASA5520's, I was unable to access the ASDM. The configurations are a basically modified versions of the config on the PIX525. I did find that they did not set the ASDM image path. [code]
I have tried from my browser as well as downloading and installing th ASDM on my computer.
View 2 Replies
View Related
Aug 15, 2011
When I ping an address from my windows machine, it succeeds, but when I ping to the same IP on my MAC OS X machine, it fails.
1. Why?
2. How to get successful ping on my MAC machine?
View 1 Replies
View Related
Jun 19, 2012
I have a Linksys EA4500 setup on my corporate network for wireless access. I have enabled the guest network and from all I can tell it's on a seperate subnet from my internal network like it should be. 192.168.x.x My internal is on a 10.x.x.x network. I conenct to the guest network using a laptop and I'm prompted for a password to get to the internet, which I like. The one issue I'm seeing is when I'm connected to the guest network I can still do an RDP session to internal resources. How is this possible if the guest network is on a seperate subnet?I take a laptop which has not been joined to my domain, connect to the guest ssid, and then open an RPD session and enter an IP address for an internal server and it connects. Is there a setting to keep this from happening
View 6 Replies
View Related
Oct 2, 2011
I installed a RV082 at my remote branch and I successfully created a VPN tunnel to my ASA5510 at our core data center.
The PC's that I plug into any of the 8 ports are working fine. However, when I plug in a network printer, it does not work from the network, only from a PC that is also plugged into the RV082, basically locally, using TCPIP
From our data center, I can ping the printer, but the printer shows 'Off-Line'. I even tried to add a TCPIP port, in the printer setup, and it does not see it.
View 1 Replies
View Related
May 31, 2011
Our firewall expert has gone off on long term illness leave and I am trying to pick up the pieces :-(
We have an ASA 5520 (local office) talking to another ASA (remote office) via a VPN Tunnel.
My 1st problem is that I cannot ping from my inside network (local) to the outside interface of my remote ASA.
My 2nd is that I have debug enabled on my rules but am not logging anything.
View 1 Replies
View Related
