Cisco WAN :: Unable To Access From VPN Fortigate To ASA 5505

Mar 25, 2013

Problem : Unable to access user A to user B
 
User A --- router A (122, fortigate 80c) --- (Site to Site VPN between fortigate & cisco asa) --- router B (93, cisco Asa 5505{in front asa got cisco800[81] before to internet} )  --- User B
 
After using wizard to configure the site to site VPN, the site-to-site tunnel is up.

Ping is unsuccessful from user A to user B

Ping is successful from user B to user A, data is accessable
 
After done the packet tracer from user A to user B,
 
Result :
Flow-lookup
Action : allow
Info: Found no matching flow, creating a new flow
 Route-lookup
Action : allow
Info : 192.168.5.203 255.255.255.255 identity

[code]....

View 6 Replies


ADVERTISEMENT

Fortigate 50b / VPN - How To Access LAN Resources

Feb 9, 2011

I've set up a VPN using a fortigate 50b wifi and forticlient ipsec VPN. when I log into my office from home, I cant see anything on my network at all. I can however remote desktop into other PC's and can access stuff that way. I was under the assumption that ... one a VPN connection is made in the LAN you should be able to see other pcs and servers in the workgroup. Is this not the case or do i need to configure something?

View 2 Replies View Related

Cisco VPN :: ASA 5505 / Remote Access VPN - Unable To Access Internal Network

May 7, 2012

I have created remote access vpn in my ASA 5505. The tunnel is established but i am not able to access the internal network.

View 3 Replies View Related

Cisco WAN :: ASA 5505 Unable To Access Internet

Mar 19, 2013

I have an ASA 5505 which is unable to acces the internet, even when reloading just the basic config.If i setup my laptop with the outside ip or another ip in the subnet, it does work.
 
[code]....

View 2 Replies View Related

Cisco VPN :: ASA 5505 - Unable To Access Company LAN

Oct 24, 2012

I have a ASA 5505 that I have been using to test run the IPSec VPN connection after studying the different configs and running through the ASDM I keep getting the same issue that I can't receive any traffic.
 
The company LAN is on a 10.8.0.0 255.255.0.0 network, I have placed the VPN clients in 192.168.10.0 255.255.255.0 network, the 192 clients can't talk to the 10.8 network.
 
On the Cisco VPN client I can see lots of sent packets but none received.
 
I think it could be to do with the NAT but from the examples I have seen I believe it should work.
 
I have attached the complete running-config, as I could well have missed something.

FWBKH(config)# show running-config           
: Saved
:
ASA Version 8.2(2)

[Code].....

View 2 Replies View Related

Cisco Firewall :: Unable To Access Internet With ASA 5505

Sep 27, 2012

I have config ASA 5505 and it is conencted to layer 3 switch that connects to cable  Modem.
 
ASA is config with DHCP option and PC is able to get the IP from ASA. But from PC i am unable to access the internet. From ASA  itself i am able to ping the Websites fine.
 
ASA has config with DHCP for inside and also it is doing NAT.
 
When i connect the ASA  directly to Cable modem then pc is able to access the internet.

View 4 Replies View Related

Cisco VPN :: Unable To Access Internet Using VRF-lite On Through ASA 5505

May 4, 2012

I am trying to “build up” a small home-network and using some of following Cisco equipment’s
 
ASA 5505 v8.4.3 witch base licenseCisco Catalyst 3750G with ipservices version 15.0.xand 1 qty of AP1142N I am not able to get internet access from any VRF’s.
 
From "MILAN (LAN) VRF, I am able to ping my gw: 10.45.45.1 but I am not able to ping for example: “linknett VRF”.
 
It seems that i am missing some NAT rules on ASA or ?
 
If i connect my laptop directly to the ASA, i am able to get internet access!
 
I am not feeling comfortable with a new ASA 8.4 code yet, so im not so sure which exact code's i am missing on ASA ...
 
attached digram including configuration files from ASA and 3750 sw.

View 17 Replies View Related

Cisco :: ASA 5505 Series / Unable To Access New Subnet

Dec 7, 2011

I am working on a site that has recently added a new subnet and I am unable to ping any of the stations on this new network. I have configured an Exempt NAT rule just the same as the rules allowing access to other networks. I have a feeling the problem is in the Site-to-Site VPN configuration since the new subnet is at the primary location over the VPN.
 
In the site-to-site configuration I added the new subnet to the list of "Remote Networks" and I still can't communicate with any of the devices on the network. If I go to the main site I have no problems so it appears to be related to the VPN or a configuration in the ASA on that site.
 
A port scan shows that all the traffic is "filtered" so somewhere either the site ASA or the main ASA is blocking the traffic.

View 7 Replies View Related

Cisco VPN :: ASA 5505 / Unable To Access Remote Network

Jun 24, 2012

I have a Cisco ASA 5505, with basic 50 license, that is connected directly to the Cable Modem with a public IP. I have VPN configured and active on the Outside interface. When we connect, we connect just fine with no errors, but we are not able to access any resources on the remote network.
 
ASA IOS version 8.2(5)
Remote Network IP: 10.0.0.0/24
VPN IP Pool: 192.168.102.10 - 25

View 4 Replies View Related

Cisco VPN :: Unable To Connect Between Remote Site And Access ASA 5505

Jan 30, 2013

I am having issue with network connectivity between remote access (RA) VPN users and remote site VPN hosts.
 
Topology is:
RA VPN laptop (192.168.200.3 /24) ---- internet ---- Head Office (ASA5505) -- LAN subnet 10.0.0.0 /24
 
SiteB (10.0.10.0 /24) ---- internet ----- Head Office (ASA5505) ---- LAN subnet 10.0.0.0 /24
 
From head office there is no issue communicating with RA VPN and siteB hosts but Site B hosts and RA VPN users can not communicate each other totally (ping failed too).
 
Site B is using Cisco 867 router with IPSEC VPN to the ASA5505 at head office. I have added the ACL on this router to access 192.168.200.x /24 for VPN traffic and exempt from NATing. When I enabled ' drop log' in the class-map in the Zone based firewall config, I could not see any ping packt comes in so I believe the issue is at ASA5505 config.
 
At ASA5505 I use split VPN tunnel ACL and have included the subnet for 10.0.10.0/24 as well as 192.168.200.0 /24. This split tunnel ACL are applied to both the IPSec VPN tunnel and also the RA VPN group policy. The ASA is using sw version 151-4.M5.

View 6 Replies View Related

Cisco Firewall :: 5505 - Users Unable To Access External Email Servers ASA?

Nov 28, 2011

I have a issue that i am at a loss as how to solve it. I have an ASA 5505 as my firewall. I have users from other companies who visit from time to time and are unable to use their outlook email to send messages. They can however receive messages without a problem. I also have a situation where users who use windows live to access gmail are unable to send messages.
 
I have narrowed it down to the fact that these uses are using  ssl/tls to send the mails. I did some research and found out about the inspect esmtp setting in the ASA.  I have disabled it and i still have to problem. I have also removed all outbound deny statements and still no luck.
 
Of note is that i can send emails without attachments. They take a long time to go out ( from minutes to hours) but eventually they do. Emails with attachments of even 10k do not go at all.
 
I was running image 8.2.3 and i downgraded to 8.0.5...still did not work...i upgraded to 8.4.3...still did not work. I am now back at 8.2.3.
 
My Firewall config is attached. I am at my wits end as to what else to try. The company has not renewed support for the device so i am on my own here!

View 2 Replies View Related

Cisco Firewall :: Unable To Access Remote Network After Connecting ASA 5510 And 5505

Sep 24, 2011

I am using two firewalls to connect two different offices. Firewall 5510 is running ASDM 6.3 and 5505 is running ASDM 6.2, Problem is that even after connecting two sites, i am unable to ping remote network from either side. I am mentioned static route as tunneled.

View 1 Replies View Related

Cisco Firewall :: ASA 5505 - Unable To Access Certain Ports Over Site To Site VPN

Jan 16, 2013

We have a client that has a Cisco 1801W Firewall that is setup as a site to site VPN terminating to a Cisco ASA 5505. The tunnel is up and established, I can ping from both sides of the tunnel.
 
The problem is the clients behind the Cisco ASA (192.168.2.x) cannot reach certain ports behind the Router (192.168.1.x). The main thing we're trying to do is browse via UNC path (ex: \192.168.1.120 from a 192.168.2.x machine).
 
I got 3389 working after I changed the - ip nat inside source static tcp 192.168.1.120 3389 y.y.x.x 3389 route-map DM_RMAP_1 extendable Modified the command to include the public IP instead of interface FastEthernet0
 
I believe it has something to do with the way NAT and route-maps are setup currently but I'm not familar enough with them to make the changes. I worked with Cisco to ensure the VPN tunnel was fine and it's something security related on the Router.
 
Here is the configuration (removed a few lines not necessary. y.y.x.x = WAN IP of Router x.x.y.y = WAN IP of ASA).
  
Building configuration...
  
Current configuration : 23648 bytes
!
version 12.4
no service pad

[Code].....

View 1 Replies View Related

Cisco :: Replacement For Fortigate 100A

Jul 1, 2012

I'm looking to upgrade our main router/firewall with something that has more throughput. This unit has 2 DMZ zones, internal switch and 2xWAN connections which is pretty handy as I'm utilizing all of them.How to resolve the issue of having a firewall and router in one device,What would be the replacement solution if I were to decide for Cisco solution? What is the best practice?

View 3 Replies View Related

Cisco VPN :: WRV210 / Configuring VPN To A FortiGate Router?

Sep 28, 2011

I'm having trouble configuring a vpn between a CISCO WRV210 and a FortiGate router.

View 1 Replies View Related

Cisco VPN :: Tunnel Between Asa5505 And Fortigate 80c Up But No Traffic

Nov 27, 2011

I have set up an ipsec tunnel between a Cisco ASA 5505 and a Fortigate 80c. The tunnel is set up as I execute pings from inside behind ASA to inside behind FG, however I cannot get connectivity to hosts behind the Fortigate (traffic is allowed through policies configured on the FG). What I noticed in packet tracer is that traffic is dropped at the step 'Vpn lookup' To troubleshoot I have configured a test ('fake') vpn connection through the vpn wizard and get the same result in packet tracer. I run 8.4 software on the ASA and this is part of the relevant config.

View 1 Replies View Related

Does Fortigate 110C Support Netflow

Nov 14, 2012

I searched around but did not see any valuable info on this so I guess it doesn't. But wanted to get confirmation from you guys.

View 2 Replies View Related

Block The Websites On Fortigate 50B Firewall?

Nov 9, 2011

How to block the websites on Fortigate 50B firewall.

View 1 Replies View Related

How To Block Gmail In Fortigate 1000a

Jan 5, 2012

How to block gmail in fortigate 1000a

View 1 Replies View Related

Cisco Firewall :: Which Model Is Equivalent To Fortigate 310B

Sep 10, 2011

My customer is looking for cisco firewall which is equivalent to Fortigate 310B.

View 2 Replies View Related

Cisco AAA/Identity/Nac :: ACS5.2 Authentication With Fortigate Firewall

Jun 10, 2013

I am trying to configure Fortigate firewall for device authentication through TACACS+ using Cisco ACS 5.2.
 
I was wondering if any one had an experience to worked on this scenario. I am looking for authorization command attibute to grant admin access.

View 1 Replies View Related

D-link Dir-655 :: Connect As Wifi To Fortigate 50b By Lan Port

Jul 13, 2012

i want to conect my Dir 655 as Wifi to my LAN, i had a fortigate 50b as DHCP and Dlink Switch 10/100 as LAN Switch when i trie to conect the DIR 655 i disable the DHCP, UnP and Firewall. i put a local IP to DIR "192.168.0.221" and the fortigate has "192.168.0.23" then connect the dir to fortigate by LAN Port... when i trie to access via WIFI, dosent work..

[URL]

View 9 Replies View Related

Cisco Security :: ASA5520 Replace A Fortigate 310B With Products

Aug 4, 2011

i need replace a Fortigate 310B with Cisco products, that is, all Web Filtering, IPS/IDS, AV, so, the question is, what we can use to replace?First, we can use Cisco ASA 5520 right? with CSC Module, so, this for Anti-X, but for IPS? is better router with IPS on IOS? or IPS Sensor? or other Cisco ASA with IPS Module?

View 3 Replies View Related

Security / Firewalls :: Authentication Error In Fortigate Firewall?

Dec 5, 2012

I have one Fortigate 200B Fire wall, which is using for wifi internet. i had configured one login page in the fourtigate .The path following below system > config > replacement message > authentication > login page.

it was working earlier. suddenly its not working. when i checked this path, that login page message colum was blanked. when i trying to put the message again its not pasting and am unble to type the message also.

View 3 Replies View Related

DLink DGS-3100 Switches And Fortigate Firewall / Router?

Jan 11, 2012

DLink DGS-3100 POE switches? I'm working for a place that has these and they are wanting to invest in a VOIP system. I've never seen these type of switches before, and would like some feed back before I roll out a 70+ phone VOIP system. They are managed switches but are all running un-managed at the moment.

They are also using a Fortigate 80cm Firewall/Router. I'm not familiar with this device either.

I'm missing layer 3 as I can't setup any VLan's with this equipment.

View 7 Replies View Related

Way To Configure Fortigate 200B Firewall In Web Base Using Pass Internet

Nov 9, 2011

how to configure Fortigate 200B firewall in web base using pass internet through Cisco 800 router.

View 1 Replies View Related

Security / Firewalls :: How To Block Ultrasurf Using Fortigate 200AA Firewall

Jul 25, 2012

I'm using Fortigate 200A firmware Versionv4.0.3,build0106,090616 and IPS Definitions 2.00673 (Updated 2009-08-11).

View 1 Replies View Related

Security / Firewalls :: Routing External To Internal IP On Fortigate 300C?

Jul 5, 2012

We have a FortiGate 300C firewall and I was trying to allocate an external IP to an internal IP and I was having a lot of trouble figuring out exactly how to do that.

View 1 Replies View Related

Linksys Wireless Router :: How To Configure EA4500 To Exist Fortigate

Nov 19, 2012

EA4500 router setting currently I am on an single fix IPs network, Internet access filtering by a Fortigate gateway, some IPs has Internet access, most of the IPs without, and we like to keep it that way.may I know what is the proper way to configure the newly added EA4500 router to working with "Guest Access" and my existing fix IPs network?

View 9 Replies View Related

Cisco :: Unable To Connect ASA 5505 With ATT?

May 2, 2012

Does anyone has had a problem with connection an asa 5505 with att? I can't connect the vpn, the tunnel sometimes open but still cant ping anything. Only public ip's even im able to ping to my firewall ip.i tried pppoe and bridge on the modem. The same configuration works on cable DSL but cant get it work on att.

I already have an acl that allow any any inside and outside. To get the pings works and a lot of stuff on the internet i search. Seem to be that there's a lot of problems between asa 5505 and att.

View 2 Replies View Related

Cisco VPN :: Unable To Use ASA 5505 With VPN And SMTP?

Jul 25, 2011

This is my first post in CSC. I have two issues with ASA 5505. I have configured ASA to use Easy vpn (ASA as RA server). Users are able to connect to vpn with out any issue and there is no diconnections with VPN. But when the users are trying to RDP to server it connects and disconnect as soon as login. some time it connect for 2 mins then it fades out for some time then it reconnects again. I guess I have give correct access-lists. Please find the Running configuration in the below.
 
2). we have a Email  server in DMZ zone and it users are able to connect to the email server and they can see the emails. But when they try to send any emails it just stuck in the email server queue and does not deliver to the destination.
 
ASA Version 7.2(3)
 ! 
!
 interface Vlan1
  nameif inside
  security-level 100
  ip address intinside 255.255.255.0

[code]....

View 5 Replies View Related

Cisco VPN :: ASA 5505 - Unable To Ping Or Use DNS On LAN

Aug 18, 2011

I've been called upon to fix the  SSL VPN issues in our ASA5505.  The issue I am having is that I am able  to log into the vpn, access the internet, but I'm unable to access  anything on the LAN.  I can't use ping or use DNS. 
 
I'm using ASDM v. 6.2(1) and ASA verison 8.2(1).  I'm not comfortable using the CLI and prefer the GUI.

View 13 Replies View Related

Cisco Firewall :: ASA 5505 Unable To Ping

Sep 9, 2011

I just tried to configure my ASA but unable to ping.  My setup is as follows:
 
Cable Modem (DHCP from IPS)---> ASA (192.168.1.1)--->Belking Router (192.168.5.1)--->Switch (192.168.5.14)--->
 
ASA Version 8.2(3)
!
hostname WoodHomeASA-1

[Code].....

View 30 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved