Cisco VPN :: Can't Ping Anything From Client - ASA 5510

Nov 15, 2011

I have a VPN client running on a laptop connected a DSL circuit. The VPN client is configured correctly for an external address on another firewall, this external firewall passes through ISAKMP / IPSEC to an ASA where it terminates. The client authenticates and gets an address from the client pool (VPNCLIENTS – 10.2.16.x / 24) and the tunnel completes with no problems. From the internal ASA I can ping any internal network behind the interface (INSIDE) and I have a route on the inside network to get to the 10.2.16/0 clients to point to this address ( All good so far.
Now the problems begin. I cant ping anything from the VPN clients ( network to anywhere, I cant ping any interface on the ASA or any internal network. I also cant ping the client from the ASA and therefore not from the internal network either. This configuration is bare bones configuration so I don’t even have the NAT exception rules added. Network diagram attached too.
interface Ethernet0/0
nameif outside
security-level 0


View 3 Replies


Cisco VPN :: ASA 5510 - Client Can Connect But Can't Ping

May 27, 2013

I have an ASA 5510 with the configuration below. I have configure the ASA as remote access vpn server with cisco vpn client, my problem now is I can connect but I can't ping.
ciscoasa# sh run
: Saved


View 14 Replies View Related

Cisco VPN :: 5510 Remote Access VPN / Ping From Client

Jul 26, 2011

I'm configuring ASA 5510 Remote Access VPN, I can connect from Cisco VPN Client to the ASA VPN. I obtain from ASA some routes to inside networks, but I can't do any ping to those inside hosts. I have got those error in ASDM log file: [code]

View 1 Replies View Related

Cisco VPN :: ASA 5510 - Can't Ping Or Remotely Control Some Client Machines

Feb 15, 2012

We have been using the VPN client for a very long time.  Our most current VPN setup is using an ASA 5510, without split tunneling.  We tunnel all traffic.  We are using IPSec group authentication off of an AD domain controller.
Recently I have been having some issues with some of the client machines, and I can't for the life of me figure out what the issue is.  Some machines will not respond to pings, and I cannot remotely access the machines (using Dameware Remote Control) while they are connected to the VPN.  Other client machines work fine.  In fact there have been a couple instances where I have two machines in a remote office, using the same internet connection, both connected to the VPN, where I can ping and remotely manage one machine, but not the other.  If RDP is enabled, I can sometimes get into those problem machines via RDP.  But this is crippling our ability to remotely support many of our VPN users, and I just don't know what to look for.
I have tried disabling Windows firewall completely, and that does not seem to work at all.  The only other thing I can think of is I recently upgraded our McAfee software.  But it does not prevent us from getting connected to or pinging any of the systems on our physical network, nor to half of our VPN users. Most of our clients are running Windows 7, or Vista, and using the client version, or  Most of the clients using are using the 64-bit version.

View 10 Replies View Related

Can't Get Ping Of Client Ip

Oct 12, 2011

i can't get my ping of client ip.

View 1 Replies View Related

Client Can't Ping To Server?

May 7, 2012

I insert data from two clients.(1 window server 2003,2 XP clients ) the two client print paper and the printer is shared printer. At the same time two clients print paper and the printer stop working. So I restart my two clients and server. After restart the clients cannot ping to server.

View 1 Replies View Related

Cisco WAN :: Can Ping From 7200 But Cannot From Client Machines

Aug 28, 2012

I am having a weird issue with my Cisco 7200 router. From the router i am able to ping and reach out to the internet but from the client i am able to reach out to the internet but unable to ping I am not sure where is the issue but when i traceroute to it my packets are dropped at my routers interface. All my pings from the client time out. I checked the Access list to make sure ICMP is not blocked. Following is my running conf
ip audit notify log
ip audit po max-events 100
ip ssh break-string ~
ipv6 unicast-routing
no ftp-server write-enable


View 2 Replies View Related

Cisco Firewall :: Can't Ping Internal Client From Pix 515

Mar 28, 2012

I just setup my home network with Pix 515 acting as my router/firewall but I can't seem to ping my internal PC from my ASA. I can access the internet and ping my Pix 515 inside interface from my pc but I can't ping my pc from my Pix 515. I can also renew/release IP's from my PC. I also did a packet tracer and it says that it was dropped due to an access list but I have one in place. Also my switch has the default config. Below is my config
Internet <----> Comcast modem <-----> Pix 515 <-------> Cisco switch <-----> PC
: Saved


View 4 Replies View Related

DHCP Server Cannot Ping Client

Aug 23, 2011

A Windows Server 2008 r2 with 2 internet ports. One (IP: connected to company intranet and one ( as DHCP server connect to several PCs (192.168.10.**) through a switch.The problem is the PCs (192.168.10.**) can ping the DHCP server ( , while DHCP server ( can not ping (192.168.10.**).How to configure the server so that all these PCs can access the intranet?

View 4 Replies View Related

Cisco VPN :: 1921 / EasyVPN Client Gets Assigned IP But Cannot Ping Anything Else

Aug 28, 2011

(Router is ISR 1921)This is doing my head in. I am not using NAT, there are no ACLs, there is no split horizon.Here is what I have. It is practically generated by CCP. When connected I cannot ping the loopback interface or the gig0/0 interface, (not to mention anything else).
version 15.0
service config
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname dcsgw1


View 13 Replies View Related

Cisco VPN :: ASA 5520 Client VPN Can Gets Connected But Can't Ping LAN Server

Apr 21, 2013

CISCO ASA 5520 -K9 .Client can connects ASA server and get ip address(172.168.31.X),but can't ping ASA inside interface ip address and other servers in lan .

View 2 Replies View Related

Cisco WAN :: 2800 / VPN Client Gets Connected But Cannot Ping Local LAN

Jan 18, 2013

I am trying to connect my 2800 Series CIsco Office router with VPN client software from home. I can successfully authenticate and get the IP address from the pool configured  but couldnt ping any LAN Ips including default gateway. I am pasting my router's configuration.

IP Address Of LAN: 192.168.22.x/ 24
IP Addresses handed out to Clients:
 aaa new-model
aaa authentication login default local

I have noticed that my virtual-access interface comes up but the line protocol of virtual-interface remains down as follows:

Virtual-Template100        x.x.x.x YES TFTP   up                    down
Also The client PC picks up a random gateway of which I never configured anywhere on the server.

View 26 Replies View Related

Cisco VPN :: Inside LAN Cannot Ping RAVPN Client On ASA5500

Mar 9, 2011

I have configured Remote Access VPN on an ASA5500 Firewall. I am able to login normally and Ping Internal servers on the LAN. However, The servers cannot ping my IP address that i am taking from the RAVPN Pool. So it is a one way communication.

View 2 Replies View Related

Servers :: Ping Server But Cannot Browse On Client?

Mar 16, 2011

two of my workstation can not receive ip address from the server but can ping server. So i can not browse with them

View 3 Replies View Related

Cisco Wireless :: AP541 - Wireless Client Can't Ping Wireless Client

Oct 19, 2011

I have a setup involving 3 clustered AP541 running off a sg300 switch. The wireless network setup VAP has one entry for vlan 1 with station isolation disabled. Is there anything more I need to do to allow one wireless client to ping another wireless client - am I missing something - i assume this is possible.Needless to say wireless clients can ping non wireless clients and vice versa quite happily. Everything is running with factory default settings more or less.

View 4 Replies View Related

Cisco VPN :: ASA 5520 - Cannot Ping Or Remote Desktop Connect To Any Client

Apr 18, 2013

I have a need to Remote Desktop connect to company’s employees for support then they are abroad and using Cisco AnyConnect client.Cisco AnyConnect client connection works fine, clients can reach company’s inside network without problems, but I cannot make revers connection, I cannot Remote Desktop connect or ping VPN clients from companies inside network. I cannot ping clients from ASA too.I am using ASA 5520, Cisco Adaptive Security Appliance Software Version 8.4(3) Device Manager Version 6.4(7), and Cisco AnyConnect VPN Client 2.2.0133. Protocol Encryption- AnyConnect-Parent SSL – Tunnel DTLS-RC4 RC4 AES 128.

View 0 Replies View Related

Cisco Wireless :: 877W - Client Can't Ping Access Point

Oct 11, 2012

Ive been struggling with this issue for a week now with an 877w (now with andvanced ip ios) in short my wireless network consists of
The internal dot11 sibinterface 0.11 radio (IP Address which on bridge group 1 (IP Address  The SSID for the radio is on vlan 11 which has no ip address.
This works i can ping the internal network and internet
The guest dot11 sibinterface 0.10 radio (IP Address which on bridge group 2 (IP Address  The SSID for the radio is on vlan 10 which has no ip address.
This dosnt work i get no no recived packets on the clients network stats and i cant ping any name servers or the radio ip address.The client is listed as being successfully accosated with the show dot11 assoc commmand
Ive tried taking the guest wireless and creating a new vlan for it (so its not on the same vlan as the tmg firewall interface) so that i have only the dot11 radio and vlan 12 on brige group 2 but the same thing happens no traffic on the guest vlan.
Ive turned off all authentication while testing this and the wireless network is currently in open mode until its fixed ive also only configured whats neccessry to test the wireless connectivity (no radius etc) that will be added later, Im also not using dhcp yet and the client is configured to the apporprite adderess staticly ie its not a dhcp issue
!version 12.4no service padservice timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname Router!boot-start-markerboot-end-marker!logging message-counter syslog!aaa


View 4 Replies View Related

Cisco VPN :: Client Get Connect But Request Timed Out When Ping 837 Router

Apr 30, 2013

I'm using the cisco 837 router as my VPN server. I get  connected using Cisco VPN Client Version 5. But when I ping the router  ip, i get request timed out. Here is my configuration :
Building configuration...

Current configuration : 3704 bytes
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec

View 7 Replies View Related

Using LAN Connection Can't Ping Client On Windows Server 2003

Nov 20, 2011

Why i can't ping client to server using LAN connection. but i can ping server to client. i use windows server 2003 as a server.

View 1 Replies View Related

Cisco Routers :: Quickvpn / Client To Gateway Vpn Rv042 Can Only Ping Router?

Jan 27, 2012

I am setting up remote access using an RV042 router.  Using quickvpn or a client-to gateway vpn and shrewsoft client,  I can only access/ping the LAN side of the remote router and one machine on the remote network.  The PPTP server and native Windows 7 connection provide access to all machines on the remote network.I have 2 possible reasons for this and would like to find the real reason:
1) The remote RV042 is behind another router, and that router restricts access other than the PPTP traffic.

2)  The VPN tunnels other than PPTP only allow access to the remote LAN side of the router and remote machines that have the remote router defined as their gateway in the IP configuration.

View 2 Replies View Related

Cisco VPN :: 5510 VPN Only Allows Ping One Way

Sep 8, 2012

Today we physically moved an ASA 5510 across town and took another location off of fiber and onto a VPN with the asa 5510, via a brand new 5505. The VPN seems to be up however no local traffic seems to be passing. The ASA 5510 can ping to the internal network of the 5505 but not vice versa.
The site that was moved is the 62.0 network, it is connected to the rest of the network through the new ASA 5505. I'm sure this is something elementary that I somehow missed.

View 16 Replies View Related

Cisco Firewall :: ASA 5512-X / VPN Client Is Connected But Unable To Ping Internal Network

Mar 17, 2013

I have created a VPN connection for ASA 5512-X by using the wizards and nothing seems to be wrong on the wizards's config.I am able to connect to the network by using the VPN but unable to ping internal network.Below is my config for your reference:
Result of the command: "sh run"
 : Saved
ASA Version 8.6(1)2
hostname FAA-ASA-1
enable password crzcsirI44h2BHoz encrypted
passwd 2KFQnbNIdI.2KYOU encrypted


View 6 Replies View Related

Cisco VPN :: 5510 Vpn Client With No Nat

Jan 26, 2011

i have a 5510 with a working VPN but discovered that anyone connecting from a public IP can connect to VPN but can't go if i have say a linksys wifi on my cable modem and a private IP i can connect no problem. but if i'm on like a verizon data card which gives me a public IP i can connect to VPN but receive the below errors in my asa logs and can not reach anything on the network.What do i need added to allow remote ends without a nat device to also work?

View 4 Replies View Related

Cisco VPN :: Asa 5510 And Pix 515 VPN Client

Jan 1, 2012

Since last week we are having problems with remote users working with VPN client on Windows XP.The connection is stablished but no data traffic occurs. 

As we didn't do any change in vpn remote settings I did a test from Linux machine running VPNC client and it works well.It sounds so weird because it happens only on Windows client platform.We have CISCO ASA 5510 and PIX 515 running 8.0(4).

View 4 Replies View Related

Cisco VPN :: Cannot Ping DNS Server ASA 5510

Jan 30, 2013

I have recently got our Cisco engineer to create a VPN connection to our network through a ASA5510. I am able to ping all devices on the network bar two servers (2xW2K3, one configured with AD/DNS and the other is a AD/file server) using IP addresses ,However, I cannot ping any devices using host names. The engineer has entered in the correct IP address of our DNS server, but still we have this issue. As the VPN client cannot ping the DNS server, it is unable to resolve the host names, but I cannot seem to work out why we cannot ping the DNS server.

View 1 Replies View Related

Cisco VPN :: ASA 5510 - Ping Is Not Allowed On From

Feb 23, 2012

VPN between datacentre & office ASA 5510 & HP routers site-to-site vpn, и networks If I ping internal routers' cisco address from network host ( I get ping timeout At the same time I see the same messages in ASDM monitoring when successful ping reaches and comes back to host ( for example) Pings from to hosts are ok, only is silent Looks like icmp echo reply is not allowed or smth like that, where to take a look?why monitoring looks ok instead of denied according to ACL...?

View 2 Replies View Related

Cisco VPN :: 5510 VPN Tunnel Looks Up But No Ping

May 30, 2012

I had a pix that had two working tunnels going to one 5510 and one 5520. Today the VPN tunnel to our 5520 stopped working but if I do sh cry isa sa both tunnels have QM_IDLE as the state. (both ends) I tried to debug crypto isakmp 255 but all I get is PEER_REAPER_TIMER and no other output on the pix side.

View 20 Replies View Related

Cisco VPN :: Unable To SIP Through ASA 5510 Client>

Feb 24, 2012

I have configured VPN client on my ASA 5510,

I am trying now to telnet my call manager on port 5060 and on port 2000.

When i am connected localy i am able to telnet both ports, but when i am trying to connect through cisco VPN client i am able to telnet the port 2000 and not able to telnet 5060. Both ports are on the same call manager.

When using windows VPN i am able to telnet both ports.

if i removed inspect SIP from: policy-map global_policy class inspection_default

View 8 Replies View Related

Cisco VPN :: 5510 Configured Client-less SSL VPN

Aug 9, 2011

I am having an ASA 5510 and have configured Clientless SSL VPN in it. Now I need to allow my SSL VPN user to access on a particular application(like mspaint.exe for example).When the user login to the SSL VPN, he should see only the particular aplication or must be able to access on the particular application.

View 2 Replies View Related

Cisco VPN :: ASA 5510 - Does Client Work With ACS

Oct 30, 2011

I woudl like to ask all of you that i have ASA 5510 and i want to do VPN client authetication with LDAP, after verify username and password with AD and it use policy with ACS?

View 3 Replies View Related

Cisco VPN :: Can't Access To ASA 5510 With VPN Client

Mar 13, 2013

I've found that my clients can NOT access to my ASA 5510 with their Cisco VPN Client Ver 5.0 through IPsec over UDP.By comparing my new running config with the old one I found some strang following configuration: [code]
We have 3 diffrent IT expert who have access to our router and I think this configuration is cause of our VPN access problem.Is it really because of that or something else.Any way I want to know how can I get rid of these configuration?

View 7 Replies View Related

Cisco :: ASA 5510 Ping Between Inside Interfaces

May 4, 2012

I have two inside interfaces (both security level 100) inside and inside110. Inside is and inside110 is I have a PC on the network. I cannot ping the IP of interface inside110.

View 2 Replies View Related

Cisco Firewall :: 5510 Enabling Ping For Dmz

Mar 4, 2011

I currently have an ASA 5510 unit. I have a dmz setup which house some web servers and an inside interface. The web servers contain multiple public ip addresses which I have natted and access is fine.What is the most simple way to enable ping for my dmz from the outside. Meaning if someone outside the network pings one of the servers by its public ip address I would like it to respond to ping.

View 1 Replies View Related

Copyrights 2005-15, All rights reserved