Site Not Opening In Internal Networks?

Jan 25, 2013

Site is not opening in any of my systems in the local network. but if i change ip to a real ip or if i use some other internet source like netsetter then it gets opened.

View 1 Replies


ADVERTISEMENT

Cisco Routers :: SRP527W Site-to-Site VPN Not Hiding Internal Addresses?

Jun 11, 2013

We recently purchased an SRP527W router because of its capability to configure site-site VPN tunnels. The configuration of IKE and IPSEC is working and the tunnel comes up but the problem is that the router is passing our internal IP addresses through the tunnel. The remote end we are connecting to requires us to hide all traffic behind one IP address which would ideally be our external static IP address from our ISP.

View 1 Replies View Related

Cisco VPN :: 3560 Cannot Ping Internal Network Via VPN Site To Site

May 30, 2012

I have the following VPN site-2-site configuration.The trouble I'm having is host 172.168.88.3 in site A is not able to ping 172.168.200.3 in site B and visa versa. Think I have added the static routes and ACLs correctly on the 3560 switches (acting as gateways) and both PIX's to access the internal networks. Host 172.168.9.3 can ping 172.168.200.3 fine.

View 3 Replies View Related

Cisco VPN :: ASA 5505 / Site 2 Site VPN With Overlapping Internal IP Schema

Mar 3, 2011

I have  3 ASA 5505 Firewall, I am creating Site 2 Site Full mesh tunnel with each firewall, the problem i am facing is two of the firewalls internal schema are same, Like Site 1 has an Internal Schema: 192.168.0.0, Site 2 has an Internal Schema 192.168.0.0, Site has an Internal Schema 10.10.10.0
 
For that i have to create a policy static nat and access list??
 
 I configurred a access-list like below,

access-list vpn_ih_site3_site1 permit ip 10.10.10.0 255.255.255.0 192.168.0.0 255.255.255.0access-list vpn_ih_site3_site2 permit ip 10.10.10.0 255.255.255.0 192.168.0.0 255.255.255.0

View 10 Replies View Related

Broadband :: Opening Site By Using Static Ip Address

Jan 29, 2012

how to open a site by using static ip address

View 2 Replies View Related

Cisco Firewall :: Site To Site VPN Multiple Networks With 3560x

Jul 24, 2012

I have Cisco 3560X L3 Switch. We have done Inter VLAN in our internal networks. Below are the VLAN details
 
Default VLAN1 IP 192.168.125.2 (Gi0/1, Gi0/23, Gi0/24)
Interface Gi0/1 (Port Configure as a Trunk)
Interface VLAN 10 SERVERS_SW (Gi0/2 to 0/6)
IP Address: - 192.168.0.1 255.255.254.0
Interface VLAN 20 USERS_SW (Gi0/7 to 0/18)
IP Address: - 192.168.152.1 255.255.248.0
Interface VLAN 30 SPARE_SERVER_SW (Gi 0/19 to Gi 0/22)
IP Address: - 192.168.8.1 255.255.248.0
 
We have Sonicwall NSA2400 Firewall and we have setup Site-to-Site between our other offices who has Sonicwall TZ210 firewall. It works fine and they are able to access all the above networks.
 
Now the problem is we have one more site which uses Vigor Firewall (with Internal Network 192.168.100.0). We have setup the site-to-site vpn between Sonicwall NSA 2400 (Lets say SITE A) and Vigor (Lets say SITE B) but SITE A is unable to ping to SITE B Firewall but SITE B is able to *ONLY* SITE A firewall.
 
SITE A is trying to ping from User VLANs whose local ip is 192.168.152.0 range.
 
How to add route to 100.0 so that we will be able to ping and access SITE B networks.

View 5 Replies View Related

Cisco VPN :: ASA 5505 - Twice NAT Across Site To Site Tunnel With Same Private Networks

Mar 30, 2013

I'm currently trying to configure a Site to Site tunnel between an IOS Router and an ASA 5505 running 9.1
 
When the private subnet of the IOS Router was 10.0.0.0/24 and the private subnet of the ASA was 172.16.1.0/24, it connected fine.
 
I'm now trying to set it up where both private networks are 10.0.0.0/24, and created network objects, edited the ACL for interesting traffic, and created the twice NAT translation rule, but the tunnels aren't coming up.
 
There is the IOS Router(R1) and the ASA(F2). In between them is one Internet posing router that is just set up to allow both sides to reach their WAN addresses.
 
R1 and F2 have private network (10.0.0.0/24) and need to communicate. Twice NAT can be done all on the ASA to allow this, but I must be doing something wrong. The way I understand it, is that the R1 should see the traffic coming from 10.51.0.0/24 and sending to that traffic. The ASA will take that traffic, and the inside network should see it come inbound as 10.50.0.0/24. So the F2 private network communicates with 10.50.0.0/24 and R1 private network sends traffic to 10.51.0.0/24.
 
I turned on "Debug crypto ipsec" and "debug crypto isakmp" but no output is showing up or giving any hint that it is trying to establish anything. 
 
R1#show run 
version 12.4
hostname R1
crypto isakmp policy 50encr 3desauthentication pre-sharegroup 2crypto isakmp key cisco address 10.2.0.254

[Code]......

View 3 Replies View Related

Cisco VPN :: 5510 Site-to-site VPN Adding New Networks

May 5, 2011

I have a S2S VPN setup between a pair of ASAs (5510 and 5505) both running latest. Works fine and connects 3 local vLANs to the remote site, which has one /24 subnet. When I try and add a fourth local subnet it takes it but I can't get it to pass traffic to/from the new subnet. [code] I have added vLAN 20 as a remote network on the 5505 and as a local network on the 5510. Applied, broke the connection and re-applied it.When I ping from the 20 vLAN I get destination cannot be reached from an ISP upstream router and when I tracert, I get DEF GW, ASA's next Hop to the internet and one hop farther out where I get a unreachable message from that (3 hops and a fourth 'hop' that says it cannot reach)
 
When I ping from vLAN 10 it returns a ping. When I tracert it hits the vLAN Def GW, and then directly to the server I am trying to ping in the remote location (two hops).I can ping all things local form the 10 & 20 vLANs and get out to the internet fine.

View 3 Replies View Related

Cisco VPN :: ASA 5505 Site-to-site VPN With Multiple Networks

Jan 20, 2013

I have a problem configuring a Cisco ASA 5505.Our company established a second facility, that should be connected using VPN to our headquarter.I used the ASDM "Site-to-site VPN wizard" to create a connection, which works fine with our main network.
 
Following structure:

Headquarter:
Cisco ASA 5505, firmware 9.1, ASDM version 7.1
Outside: fixed IP
Inside: IP of the interface is 192.168.0.1/24  (data network)

Now I have a second network 192.168.1.0/24  (VoIP network), PBX address is 192.168.1.10.Both networks should be accessible via VPN.
 
New Facility:
Cisco ASA 5505, firmware 9.1, ASDM version 7.1
Outside: fixed IP
Inside: IP of the interface is 192.168.2.1/24
 
I already created a connection, so that a PC from the new facility reaches the data network. E.g. a ping from 192.168.2.100 to 192.168.0.100 is possible.Now, I would like to add some VoIP telephones to the new facility, that can reach the PBX on 192.168.1.10.In the connection, I already added both networks as Remote  network:

object-group network Testgroup
network-object 192.168.0.0 255.255.255.0
network-object 192.168.1.0 255.255.255.0
access-list outside_cryptomap extended permit ip object-group Testgroup object Remote-Network
 
My problem is now, I don't know what to set as "Gateway" on my PBX.I can't use 192.168.0.1 because it is another subnet. Also I can't set a second IP 192.168.1.1 to the interface of the ASA., how I can realize this, so that both subnets are accessible via VPN and all the devices have a gateway set?

View 5 Replies View Related

Router With Two Internal Networks

Jun 18, 2011

I have a cable modem, hub and two routers. One router is wireless and the computers on this router have an IP address of 10.1.x.x. The other is a wired router and the computers on this router have an IP address of 192.168.x.x. Computers on both networks have Internet access but can't talk to computers on the other router.What I'm wondering is instead of using 3 hardware devices (1 hub/2 routers), is there any router model that will allow me to setup two internal networks similar to what I have above. I just want to cut down on the equipment and power that I use with my current setup.

View 1 Replies View Related

Cisco VPN :: PIX 525 Unable To Reach Internal Networks

May 9, 2012

I have configured a Remote access vpn on pix 525 with 7.2(4) code. After getting connected (with ip address assigned from the pool) i am not able to reach any of the internal networks. [code]

View 3 Replies View Related

Cisco Firewall :: ASA 5505 Routing Between Internal Networks

Feb 18, 2013

I am new to Cisco ASA and have been configuring my new firewall but one thing have been bothering. I cannot get internal networks and routing between them to work as I would like to. Goal is to set four networks and control access with ACL:s between those.
 
1. Outside
2. DMZ
3. ServerNet1
4. Inside
 
ASA version is 9.1 and i have been reading on two different ways on handling IP routing with this. NAT Exempt and not configuring NAT at all and letting normal IP routing to handle internal networks. No matter how I configure, with or without NAT I cannot get access from inside network to DMZ or from ServerNet1 to DMZ. Strange thing is that I can access services from DMZ to Inside and ServerNet1 if access list allows it. For instance DNS server is on Inside network and DMZ works great using it. [code]

View 13 Replies View Related

Cisco Firewall :: ASA5510 - Connect 2 Internal Networks

Apr 26, 2011

We recently got a Cisco ASA 5510 Security Appliance and I have some general question.

We have 1 T1 internet connection, and we have 2 internal networks.  These 2 internal networks currently hav access to the internet.  I am having issues with the 2 internal networks being able to communicate with each other.

View 2 Replies View Related

Cisco Firewall :: ASA 5505 Connecting 2 Internal Networks?

Nov 7, 2012

We recently changed locations and acquired a new circuit from our provider. They also connected our remote branch office to our main office through MPLS. Now, as I understand it, the branch office basically connects back to the main office through our providers network (MPLS). We have a new router at the branch office which has a gateway of 192.168.1.225. The clients in that office have IP's of 192.168.1.96 - 100, using the gateway of 192.168.1.225.
 
The main office network is 192.168.0.0 (Gateway of 192.168.0.1)
 
At this end (Main office), I also have a new Cisco 2900 provided by the ISP, with port 0/0 for the outside connection (connected to the 0 port on my ASA 5505). The ASA's port 1 obviously running into my network hub. The provider tells me that port 0/1 on the 2900 is or should be used to connect the branch office back to here and has an IP of 192.168.0.225, as that's how the provider provisioned it. So, I plug that into the ASA's Ethernet port 0/2. And I'm assuming they have a route setup either on the 2900 or the router in the branch office so that 192.168.1.225 can reach me here at 192.168.0.0.
 
There is already a static route setup on the ASA: (192.168.1.0 255.255.255.255 192.168.0.225 1). As soon as I plug in the cable, the IP phones at the branch office work, but they can't access the internet or any resources in the main office. My questions are:
 
1. Shouldn't I be able to just go straight from the 0/1 port on the Cisco 2900 to my hub. At first I was plugging right into the ASA, but I don't think I need to do that, why go from the branch office through my ASA to access resources and then back out the ASA for internet. If they're already coming from 192.168.1.225, through the MPLS network, then they should go right to my network and then back out the ASA.
 
2. They have to route through the ASA first, in which case, do I need to setup another VLAN for that branch network in conjunction with a static route? I can ping the router and hosts in the branch office through the ASA only!
                 
Below is the running sanitized config:
 
Result of the command: "show running-config"
: Saved:ASA Version 8.2(2) !hostname ciscoasadomain-name audiology.orgenable password ulzaQiFnKVzDwUmW encryptedpasswd 2KFQnbNIdI.2KYOU encryptednames!interface Vlan1nameif insidesecurity-level 100ip address 192.168.0.1 255.255.255.0 ospf cost 10!interface Vlan2nameif outsidesecurity-level 0ip address 1.2.3.4 255.255.255.240 ospf cost 10!interface Ethernet0/0switchport access vlan 2!interface Ethernet0/1!interface Ethernet0/2!interface Ethernet0/3!interface Ethernet0/4!interface Ethernet0/5!interface Ethernet0/6!interface Ethernet0/7!boot system disk0:/asa822-k8.binftp mode passiveclock timezone EST -5clock summer-time EDT recurringdns server-group DefaultDNSdomain-name audiology.orgsame-security-traffic permit inter-interfacesame-security-traffic permit intra-interfaceaccess-list

[code]....

View 16 Replies View Related

Cisco VPN :: ASA 5505 - Remote Access To Different Internal Networks

Jan 17, 2013

A customer has a ASA 5505 with a remote access vpn. They are moving their internal network to a new scheme and would like users who come in on the vpn to access both the exisiting and new networks. Currently the can only access the exisiting. WHen users connect to the remote access vpn, the asa gives them an address of 192.168.199.x. The current internal network is 200.190.1.x and they would like to reach their new network of 10.120.110.x.
 
Below is the config:
 
:
ASA Version 8.2(5)
!
hostname ciscoasa

[Code].....

View 2 Replies View Related

Cisco Firewall :: ASA 5505 Allowing Traffic Between Two Internal Networks

Aug 30, 2011

I'm usually not working with this product, but this is what I'm trying to do.I have 2 internal networks setup on our Cisco ASA 5505 firewall. (not done by me, I'm a new to this product)I'm trying to access a server on one network from a PC located on the other internal network. (preferable through the web gui)When I try "Packet Tracer" from interface "Trust4" it fails on the NAT phase.(Source ip: 10.0.4.99, Destination ip: 10.0.6.99)
When I check the NAT rule, it says:
Type            Source     Interface    AddressDynamic         any          outside      outside.

View 3 Replies View Related

Cisco VPN :: 5510 Anyconnect Unable To Reach Internal Networks

Sep 18, 2012

I have ASA 5510 and configured client VPN or Annyconnect VPN, when I connect to the ASA remotely using anyconnect I am able to get IP address as configued, from Internal network I can ping and RDP that anyconnect VPN desktop, but the problem is from the remote anyconnect VPN client I am unable to access internal network, when I use ASA packet tracer and check traffic from internal to anyconnect pool of addresses it gives result ok, but when i use packet tracer to check traffic on outside interface from  anyconnect address pool to internal subnet it always gives the packet is dropped at WebVPN - SVC, and I can find any where related configuration for that.

View 5 Replies View Related

Cisco Firewall :: ASA 5510 / Unable To Get Internal Networks Talking To Each Other

Apr 22, 2012

I am tasked with transferring all clients from one subnet to the other. I figure the nicest way to do this is to temporarily have the subnets talk to each other in an endeavour to avoid as much downtime as possible. The two internal subnets are:

192.168.0.0/24
192.168.43.0/24 (the intended migration network)
 
I am beating my head against the desk here as I dont seem to be getting anywhere after the changes I have made. The current configuration is as such:
 
ASA Version 8.2(5)
!
hostname ciscoasa
domain-name *****
enable password ***** encrypted
passwd ***** encrypted
names

[code]......
 
Upgrading the firmware is not really an option?

View 3 Replies View Related

Cisco Firewall :: ASA 5550 - Cannot Ping SITE 1 PIX From Internal IP

Oct 15, 2012

We have two networks HQ and Site1 and for some reason we can’t ping the inside IP for Site1 PIX device. We have site-site-VPN set up between the two and everything works fine except we can’t ping the Site1 PIX from internal IP. However, I can ASDM/SSH in from HQ to the external IP of the Site1 PIX. 

HQ is using an ASA 5550 (172.1.0.1) PC from HQ (172.1.64.x) Site1 is using a PIX-515E (172.2.0.1) PC from Site1 (172.2.64.x)
Ping from HQ PC to Site1 PC (172.1.64.x to 172.2.64.x) works fine
Ping from Site1 PC to HQ PC (172.2.64.x to 172.1.64.x) works fine
[code]... 

ASDM/SSH from any HQ PC to Site1 PIX internal IP (172.1.64.x to 172.2.0.1) doesn’t work
ASDM/SSH from any HQ PC to Site1 PIX external IP (172.1.64.x to Site1 external IP) works fine
 
Everything was working fine until we recently changed the outside IP address for Site1 because we switch to a different ISP. Nothing changed on the HQ ASA or Site1 PIX other than the outside IP address on Site1 PIX. I did rebuild the site-to-site VPN tunnel between Site1 and HQ.

View 5 Replies View Related

Cisco Firewall :: ASA 5505 / Block Internal LAN And Internet Traffic Except LogMeIn Site?

Sep 12, 2011

I have configure Cisco 5505 as layer 2 firewall mode. I have vendor machine connected  to Cisco ASA 5505 on port 2 as VLAN2 inside then VLAN1 outside connected to my internal network on layer 2 cisco 2960 switch. This machine needs access only to LOGMEIN then block all internal/internet traffic. 
 
vendor machine on vlan 2 inside >> Cisco ASA 5505 vlan1 outside  >> layer2 switch >> internal LAN >> Cisco 5520 main FW >>> INTERNET

View 1 Replies View Related

Cisco VPN :: 5510 Site To Site VPN Access To Servers With Overlapped Remote Site

May 18, 2012

I have a requirement to create a site to site vpn tunnel on ASA 5510 from a remote site to my HO, ihave already other site-to-site tunnels are up and running on the ASA.The issue is my remote site has got the network address which falls in one of the subnet used in HO(192.168.10.0/24).My requirement is only  My remote site need to accees couple of my servers in HO which is in 192.168.200.0/24 subnet.

View 2 Replies View Related

Cisco VPN :: 5520 Requirement To Terminate Site-to-site VPN From Remote Site

Jun 17, 2012

We have ordered a pair of Cisco ASA5520 (ASA5520-BUN-K9).Now there is a requirement to terminate site-to-site VPN from remote site. Do we need VPN plus licence for this and how much it cost?

View 1 Replies View Related

Cisco VPN :: 877 / How To IPsec Site To Site Vpn Port Forwarding To Remote Site

Jun 13, 2012

The scenario where a Site to Site VPN tunnel has been established between Site A and Site B. Lan on Site A can ping Lan on Site B. My problem is a Printer behind Site B needs to be accessed by using the WAN IP address of Site A. Also i could not ping the remote lan or printer from the router.
 
Below are my configure on the Cisco 877 in site A.  
 
Building configuration... 
Current configuration : 5425 bytes
!
! Last configuration change at 15:09:21 PCTime Fri Jun 15 2012 by admin01
!
version 12.4
no service pad

[code]....

View 1 Replies View Related

Cisco VPN :: 5505 - Site To Site Connected But Cannot Ping Remote Site

Oct 11, 2011

cisco products and am struggling getting a VPN going between an ASA 5505 and 5510.  I have a VPN created (using the VPN wizward on both) and it shows the VPN is up, but I can't ping the remote site (from either side).

View 11 Replies View Related

Cisco VPN :: ASA 5505 / Site To Site Vpn With One Site Always Initiate A Tunnel?

Feb 7, 2011

I have ASA 5505, i configured site to site vpn between central site and remote site and is working. Now the problem is we use remote site for troubleshooting purpose, so we need to create a tunnel from remote site to central site. I need to configure such a way that remote site can craete a tunnel to central site, but central site not able to create a tunnel, it just respond to remote site.

View 3 Replies View Related

Cisco VPN :: ASA 5505 Site To Site Connection / Remote Site?

Mar 6, 2011

i have 2 router asa 5505 with base license i wanna make site to site vpn connection and remote site using vpn client to connect first i have hdsl router with 5 public ip i wanna try it by giving 1 public ip to each router and try the vpn but nothing work?

View 1 Replies View Related

Cisco VPN :: ASA5510 - Site To Site With Dynamic IP In One Site

Jan 27, 2012

i want configure VPN between backoffice which have ASA5510 firewall with static IP and site which have cisco router 1861 with dynamic IP.
 
how i can configure the site to site between them?

View 2 Replies View Related

FTP Sites Not Opening?

Jan 24, 2012

I need to receive a 15GB file from a friend, we are using xlight to transfer the file,I dont know much about all this but i am unable to open his ftp server which is(ftp://10.10.xxx .xxx:21).I havent yet installed xlight, i paste this site on my address bar and nothing happens, it gets timed out, i am only facing the problem others are able to access the site........AMD Phenom II 955 Black Edition | 4 gb ddr3 | 1 TB segate | Nvidia 9500GT(O.C)

View 4 Replies View Related

Opening NAT For 2 Xbox 360's?

Nov 29, 2011

There is about 5 devices in my house that uses the same network. Two of them are Xbox's (One uses wireless, other uses wired). I've tried many times to open the NAT for the 2 Xbox's, but have never succeeded.I've read that enabling UPnP, will fix the problem; however I have tried that, and it does not work. If I want to open the NAT for just one Xbox, it will let me - I just port forwarded the required ports for the one Xbox. In my case, this isn't want I want.

View 1 Replies View Related

Sites Not Opening In UAE?

Feb 9, 2012

i am trying to open a website in UAE [URL] . its opening in india very well but here its not working. it says connecting and after few minutes page displays network error or server busy.

View 4 Replies View Related

Broadband :: Not Opening Any Website

Sep 6, 2011

WEBSITE DOES NOT OPEN

View 1 Replies View Related

Opening A Port On Router

Mar 3, 2011

I want to open a certain port on my router and I know it shouldn�t be a problem, just go inside of your router settings and add the port manually. But somehow I was enough smart to forget my routers username and password, now my question is my only option a hard reset of the router and deleting all the work I put in to connecting the two computers with my router (believe me I had my share of troubles connecting them with the router) or is there a way to open the port on the router from my computer without accessing my router settings.

View 3 Replies View Related

Lan Is Connected But Page Not Opening?

Jun 17, 2011

my problem is net show its connected but cant open any psge. I have tried somany thinng as bellow.[CODE]

View 5 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved