Cisco VPN :: RV042 / ASA 5510 - Site To Site VPN Configuration

Mar 7, 2013

I configured every thing in both site, there is a connection between my sites BUT I can't access my resources from Site B with it has RV042. It also shows that it connected to my ASA in Site A  but there is no traffic between sites !!! I don't know what should I do now ?

View 2 Replies


ADVERTISEMENT

Cisco Routers :: Site-to-Site VPN Configuration Between Two RV042

Apr 23, 2013

I have got two CISCO RV042 .I need to configure a site to site VPN .

View 1 Replies View Related

Cisco Security :: ASA 5510 - Site To Site IPSEc VPN Configuration Access List

Sep 12, 2011

I configurated Ipsec vpn at asa 5510. my inside ip 192.168.10.156my public ip: 85.x.x.xmy peer ip : 62.x.x.x
 
the project is that:
the remote site want the interesting traffic like that:
source ip 172.16.1.104 can access destination ip 10.0.154.27

My inside ip is 192.168.10.0/0 and i can not to change it 172.16.1.0/24 and i can not to add this ip at my network.

View 3 Replies View Related

Cisco Firewall :: ASA 5510 Identity NAT Configuration For Remote Access VPN And Site-to-Site

Mar 9, 2011

I am try to configure ASA 5510 with 8.3 IOS version.My internal users are 192.168.2.0/24 and i configured dynamic PAT and are all internet .

i want configure identity NAT for remote access VPN.Remote users IP pool is 10.10.10.0 to 10.10.10.10
 
i know to configure NAT exemption in IOS 7.2 version. But here IOS 8.3 version. configure NAT exemption for 192.168.2.0/24 to my remote pool( 10.10.10.0 to 10.10.10.10).

View 6 Replies View Related

Cisco Firewall :: Site-to-Site VPN Between ASA 5510 And 5505 Configuration

Apr 18, 2013

I am not very experienced with Cisco networking.

Here is the situation.
 
Site A - headquarters 192.168.1.x
Site B - remote office 192.168.20.x
Site C - remote office 192.168.30.x
 
Site A - ASA 5510
Site B - ASA 5505
Site C - ASA 5505
 
Site-to-site VPN is established and works between A and B, A and C. Users would like to establish a tunnel between B and C to work on a common project and the data is on Site B.
 
I tried configuring the S2S VPN with pre-shared keys on both firewalls at sites B and C but in the end it is not established (I cannot ping either side). I used the Wizard interface multiple times and one time the CLI. I generally followed the settings chosen between the headquarter and the individual remote sites and tried to replicate them. Obviously I have made a mistake somewhere.
 
Could there be any limitation on the ASA 5505 in terms of licensing and the number of S2S tunnels?

View 7 Replies View Related

Cisco VPN :: 5510 Site To Site VPN Access To Servers With Overlapped Remote Site

May 18, 2012

I have a requirement to create a site to site vpn tunnel on ASA 5510 from a remote site to my HO, ihave already other site-to-site tunnels are up and running on the ASA.The issue is my remote site has got the network address which falls in one of the subnet used in HO(192.168.10.0/24).My requirement is only  My remote site need to accees couple of my servers in HO which is in 192.168.200.0/24 subnet.

View 2 Replies View Related

Cisco Routers :: Site-to-Site VPN - Configure It Between RV042 And 2911

Dec 29, 2012

Is there a way to set up a Site-to-site VPN between RV042 & Cisco 2911? I "googled" this and obtained a document, but it is not regarding Cisco 2911: [URL]
 
Routers are needed to setup it successfully. I have tried on both routers several configuration steps, no success...

View 3 Replies View Related

Cisco Routers :: RV042 - Site To Site VPN And Behind Juniper Firewall

Mar 25, 2013

I have no problem configuring both devices to successfully connect when the juniper firewall isn't in the picture.  But due to policy; the RV042 at our main site must sit behind the firewall.
 
I've got the port forwarding setup but I'm not able to connect.  I know I"m missing some configuration on the RV042 but I can't think of it! I've attached a GIF to give an example of both setups.

View 3 Replies View Related

Linksys Wired Router :: Site To Site Between Two RV042 With Static IP At Both

May 7, 2012

I am trying to set up a Site to Site between two RV042 with static IP at both routers.at the log at site 1 i get: packet from XX.XXX.XX.167:5: initial Main Mode message received on 10.2.32.1:500 but no connection has been authorized with policy=PSK.At site 2 i get: packet from xxx.xxx.xxx.146:500: initial Main Mode message received on 192.168.1.1:500 but no connection has been authorized with policy=PSK.I have tuned off the firewall and added a Port forwarding to the router ip and port 500.Tried with different autentication methods, but get the same message.

View 1 Replies View Related

Cisco VPN :: Site-to-Site VPN Between RV042 And 1941 Router?

Jul 6, 2012

how to configure a site-to-site VPN between RV042 router and 1941 router?

View 0 Replies View Related

Cisco VPN :: Can't Establish Site-to-site VPN Between RV042 And RV220W

Sep 3, 2012

I'm trying to establish a site to site VPN using ipsec between an RV220W in the UK and an RV042 in Italy to no avail.The RV042 tells me it's "waiting for a connection" and it gives 0.0.0.0 as the remote address (i'm using Dynamic addressing at both ends). I can ping the remote address with a response.The basic parameters I'm using is 3DES with SHA1, but the RV042 offers an option for Perfect Forward Secrecy which the RV220W does not (I've tried toggling this) and the RV220W offers and Extended Authentication mode which I can't see on the RV042.

View 2 Replies View Related

Cisco Routers :: RV042 Site To Site VPN With Dynamic IP?

Nov 28, 2012

I recently bought two RV042s to create a site to site VPN for a client.  I have several of these setups installed at other locations but this is the first version 3 hardware I've used.It seems like the dynamic IP functionality of the VPN setup may not be working correctly.  I've verified all settings on each router match and have deleted/recreated the setup several times just to make sure.  Here's the logs from the router with a static IP.
 
Nov 29 06:49:51 2012 VPN Log (g2gips0): deleting connection 
Nov 29 06:49:51 2012 VPN Log added connection description (g2gips0) 
Nov 29 06:49:51 2012 VPN Log listening for IKE messages 
Nov 29 06:49:51 2012 VPN Log forgetting secrets 
Nov 29 06:49:51 2012 VPN Log loading secrets from '/etc/ipsec.d/ipsec.secrets' 
Nov 29 06:49:51 2012 VPN Log (g2gips0): cannot initiate connection without knowing peer IP address 
Nov 29 06:49:51 2012 VPN Log (g2gips0): cannot initiate connection without knowing peer IP address 
 
I've tried both dynamic IP + email and dynamic IP + FQDN to authenticate the router using the dynamic IP and both give the same error as above.I did a firmware update hoping to fix PPPoE which seemed to be broken with a Netopia modem in bridge mode so both routers are on the latest firmware, v4.2.1.02. 

View 18 Replies View Related

Cisco Routers :: WRVS4400N Site-to-site VPN With RV042?

Oct 15, 2012

May I know can the 2 models WRVS4400N and RV042 perform site-to-site vpn with each other?

View 1 Replies View Related

Cisco Routers :: RV042 - Site To Site VPN Speeds

Jan 24, 2013

I have an RV042 connected to another RV042 via site-to-site VPN.  The tunnel has been solid for months, but when I did an actual read/write test between PCs at either endpoint, the speeds were quite slow.

Endpoint A has a line speed of 25/5.
Endpoint B has a line speed of 50/7-ish.
 
Read/write test from A to B was about ~3 write and ~7 read. Does this sound normal for these routers?  I was hoping for better performance than that.

View 1 Replies View Related

Cisco VPN :: Site-2-Site VPN Between 850 And Linksys RV042 Is Up

Nov 8, 2012

My problem is VPN Site2Site between Cisco and Linksys routers: after a troubles vpn tunnel now seems up but no data is passed accross tunnel.This is configuration of Linksys RV042 (Firmware Version: 1.3.12.6-tm, seems last for this hardware [code]

View 1 Replies View Related

Cisco VPN :: 5510 Site-to-Site VPN Internet Access From Branch Office For Group

Mar 6, 2013

Our Headquarter (asa 5510) is running a site to site vpn connection with a Branch office (router 2811). All remote users are accesing the internet through the VPN and also accesing headquarter file servers.I want to know if there is a way for some remote users to be able to use the vpn for accesing the file servers but to access the internet through the branch office.  The rest of the remote users will be still accessing the internet through VPN.

View 2 Replies View Related

Cisco VPN :: ASA 5510 Implicit Deny Access Rule Blocking Site-to-Site VPN?

Apr 22, 2012

I've setup a site to site vpn on an ASA 5510 using ASDM (as I have many times before) and the tunnel appears to be up but I am not able to pass traffic.  When I run the packet tracer from my inside network to the remote destination network, it shows that it is blocked by the implicit deny ip any any rule on my inside incoming access list.

View 5 Replies View Related

Cisco VPN :: ASA 5510 - AnyConnect Users Cannot Access Remote Office Over Site-to-site

Jul 15, 2012

we have two ASA 5510s one in 8.4(4) and one in 8.2(5) in a site-to-site VPN setup. All internal traffic is working smoothly.Site/Subnet A: 192.160.0.0 - local (8.4(4)) Site/Subnet B: 192.260.0.0 - remote (8.2(5)) VPN Users: 192.160.40.0 - assigned by ASA When you VPN into the network, all traffic hits Site A, and everything on subnet A is accessible.

Site B however, is completely inaccessible for VPN users. All machines on subnet B, the firewall itself, etc... is not reachable by ping or otherwise.There are also some weird NAT rules that I am not happy with that were created after I upgraded Site A ASA to 8.4

Site A internal: 192.160.x.x     External: 55.55.555.201(main)/202(mail)
Site B (over site-to-site) is 192.260.x.x     External: 66.66.666.54(all)

I pretty much just have the basic NAT rules for VPN, Email, Internet and the site-to-site.What do I need to add for the VPN to be able to access the site-to-site network?

Here is my NAT config:

nat (inside,Outside) source static DOMAIN_LOCAL DOMAIN_LOCAL destination static VPN_Network VPN_Network no-proxy-arp route-lookup
nat (inside,Outside) source static DOMAIN_LOCAL DOMAIN_LOCAL destination static DOMAIN_REMOTE DOMAIN_REMOTE no-proxy-arp route-lookup
!
object network DMZ_Network
nat (DMZ,Outside) dynamic interface
object network DOMAIN_LOCAL

[code]....

View 3 Replies View Related

Cisco VPN :: Remote Client Cannot Connect To Local Network Or Site To Site ASA 5510

Jul 21, 2011

I setup RA-VPN under local asa 5510 IP pool (192.168.127.0/24) and all was working fine. I got internet and local network access.
Then i have 5 site to site VPN working fine but when im traying to access to those L2L VPNs from the remote acces client im not able to do that. So after that i decided to obtain IP addresses from my DHCP server so i can obtain IPs from my local network (172.17.16.0/16) and then access normally to the VPN site to site. But the surprise was that the VPN cisco client is getting local IP address (172.17.16.222) perfectly but im not able to access even to my local network.

I have the same-security-traffic permit inter-interface same-security-traffic permit intra-interface enable.

View 6 Replies View Related

Cisco VPN :: ASA 5510 - ISP Site To Site Failover With Single Remote Peer Address

Apr 16, 2011

I have a ASA 5510 actve/standby and create one site to site VPN with remote peer ip address xx.xx.xx.xx, Our VPN traffic running on 6 mb internet link for video conferancing traffic.Now client give another link 2 mb internet and client told to us our data traffic runnig on 2 mb link but this data traffic running on the same remote peer IP xx.xx.xx.xx.
 
Secondly request also they need failover over the ISP link.
 
how we immplement the same on ASA 5510.

View 0 Replies View Related

Cisco Firewall :: Adding Multiple Site To Site VPNs In ASA 5510

Oct 10, 2012

I have a ASA 5510 at our corporate HQ that has one site to site VPN. I need to add 6 additional site to site VPN's to this ASA for our remote branches. How can I add them without affecting the existing site to site VPN?  The 6 site to site VPN's will all have the same settings however these settings are different from the existing site to site that I already have set up. How can I set it up so the 6 additional VPN's use their own crypto map and all use the same settings?

View 1 Replies View Related

Cisco Firewall :: ASA 5510 - Allow Only One Host Access To VPN Site To Site Tunnel

May 28, 2012

I have a ASA 5510 that has multiple site to site VPNs. I need to create an additiona site to site VPN but only allow 1 host to access and traverse the tunnel. The network is on a 192.168.5.x but the host that will need to access this tunnel needs to be on a 172.16.33.x network. I dont want any other traffic allowed to access or traverse the VPN tunnel for this host.  How can I set this up?

View 33 Replies View Related

Cisco VPN :: 5510 Hair Pining VPN Clients Through A Site-to-site Tunnel

Apr 30, 2013

I have an ASA 5510 8.2(5) in Site1 and a ASA 5505 8.2(1) Site2 they are setup with a site to site tunnel.Each site has VPN clients that connect and I would like to allow clients from both sides access to servers on the other side of the site-to-site tunnel.
 
I enabled same-security-traffic permit intra-interface I also added the remote networks to access-list that is doing the split tunneling. [code]

View 33 Replies View Related

Cisco VPN :: ASA 5510 - Remote Subnet Group To Access Other Site-site VPN?

Feb 14, 2011

I have a cisco ASA 5510 at the branch here. It terminates about 8 vpn tunnels and also it supports remote access clients. I just have a quick question. Can my remote sub-net group access the other remote access site-site VPN subnet group. If yes then how should i configure it.

View 6 Replies View Related

Cisco VPN :: ASA 5510 VPN Site-to-Site IKE Initiator Unable To Find Policy

Sep 30, 2012

I have a dynamic VPN site to site between ASA 5510 vs C880 with segment 172.23.191.0/25 for ASA side and some host in C880 side (e.g. 128.1.100.211, 128.1.115.181, 128.1.104.212) . The VPN is up, but only have communication with a host (128.1.115.181).
 
In the logs appears the next message when I try communication for all aother IP in the policy map configuration: IKE Initioator unable to find policy: Intf Inside, Src: 172.23.191.87, Dst: 128.1.115.182..ONLY WHEN I PINGING FROM SOME HOST IN C880 SIDE (e.g. 128.1.100.211) the communication is successfull.

What happen with this VPN, because I need to pinging from C880 IP host to ASA segment for establish communication?

View 7 Replies View Related

Cisco :: Site-to-Site From 5510 To 5510 One Dynamic One Static IP?

May 26, 2011

I'm trying to figure out how to get two 5510 ASA's to establish a Site-to-Site VPN.The version with two static IP's is working perfectly and stable but I haven't figured out how to get a VPN running between a static and a dynamic IP

View 12 Replies View Related

Cisco AAA/Identity/Nac :: Configure Radius Authentication Across Site-to-site VPN For ASA 5510-01 For Remote Access?

Jun 28, 2012

I am attempting to configure Radius authentication accross a site-to-site VPN for my ASA 5510-01 for remote access.
 
 ASA5510-1 currently has a live site to site to ASA5510-2.
 
ASA 5510-1 - 10.192.0.253
 
ASA 5510-2 - 172.16.102.1
 
DC - 172.16.102.10
 
ASA5510-01 can ping the DC and vica versa but is unable to authticate when i perform a test. ASA5510-01 can authenticate to a DC on it;s own LAN but not on the remote LAN that DC sits on.
 
I have double checked the 'Server Secret Key' and ports as well as various users which all work locallly. ASA5510-02 authenticates to DC with no problems.

View 3 Replies View Related

Cisco VPN :: 1362 / 5510 / Change MTU For Just One Site-to-Site VPN Between ASAs?

Sep 17, 2012

I'm setting up a Site-to-Site Cisco VPN between ASAs. I'm being told by the remote site engineer to set the maximum MTU at 1362. Is it possible to set the MTU for one specific site-to-site VPN on my ASA 5510 Security Plus to MTU 1362? I see my interfeces are all set at 1500. If not, would you recommend I setup a subinterface on my inside network router and a subinterface on the ASA with an MTU of 1362 to get around this issue? Then use this subinterface for traffic from my inside network to transverse through prior to hitting the VPN.

View 1 Replies View Related

Cisco VPN :: 5510 - Site-to-site IPsec VPN / ASA To IOS And Redundant ISPs?

Oct 3, 2012

Site A has an ASA 5510 and a single internet connection.Site B has two internet connections (primary and backup). If Site B also has an ASA, I can configure Site A's ASA to deal with a failover at Site B (set peer 1.1.1.1 2.2.2.2). Does this work if Site B has an IOS router instead of an ASA? In other words will "set peer 1.1.1.1 2.2.2.2" on the ASA work when it's talking to IOS on the other end?

View 15 Replies View Related

Cisco VPN :: ASA 5510 - Site To Site Tunnel Breaks On Upgrade To 8.3.2?

Jan 29, 2011

I have a site to site tunnel (bidirectional) configured between two ASA 5510's (head office and remote office) running 8.2.2. I'm trying to upgrade one end (head office) of the tunnel to 8.3.2 but when I do that, traffic from the remote office to the head office isn't transported. Traffic from the head office to the remote office is still fine (remote desktop sessions, etc).

A quick comparison of the 8.2.2 config and the 8.3.2 config on the head office ASA look identical in terms of the crypto/site-to-site commands.Is there any Cisco guide created yet for creating site/site tunnels under 8.3.2? I'm able to upgrade both ASA at the same time if that's determined to be a prerequisite.

View 2 Replies View Related

Cisco Firewall :: ASA 5510 / 5505 - Site-to-site VPN One Way Access

Dec 12, 2011

We have a Cisco ASA 5510 at our main office that makes connection with a 5505 at our other office using site to site VPN. (works)
 
Now for the question,
 
we want to access our other office from the main office but we wont want them to have access to our servers etc. so basically we want to control them but they shouldn't have the rights to control us.

Is this possible with a site to site VPN? and how to do it.

View 7 Replies View Related

Cisco VPN :: 5510 Create A Site-to-site VPN Without Access To Public IP?

Jul 12, 2012

Our HQ office has an ASA 5510 with full access to internal and external IP's.  We have a small group of remote users that are working from a shared office suite and they only have Internet access by way of internal default gateway.  Using a VPN client is not desirable due to many other devices requiring access to HQ.  Is there a way to create a site-to-site VPN from this remote office space back to HQ (ASA 5510) if they have no access to the public IP address on their end?

View 2 Replies View Related

Cisco VPN :: Make Site-to-site VPN Between 1800 Router And ASA 5510

Nov 29, 2011

I was traying to make a site to site VPN between a cisco 1800 router and cisco asa 5510. But it was impossible to get it. [code]

View 1 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved