Re: [fw-wiz] ASA 5510 problem



Zeke--

Are you able to access anything when you establish the VPN tunnel? How are you trying to access? (ping, email client?) Also, when you connect, is your connecting workstation directly connected to a public network, or are you behind a device performing NAT (like a home firewall)?

Can you post snippets of the configuration? (group-policy block, and any line beginning with the word crypto).



cjw

Christopher J. Wargaski
RMS Technology Solutions, Inc.
cwargaski@xxxxxxxxxx
(847) 215-1661 x223



-----Original Message-----
From: firewall-wizards-bounces@xxxxxxxxxxxxxxxxxxxxx on behalf of Dehnert James Sr
Sent: Mon 4/30/2007 7:04 PM
To: firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
Subject: [fw-wiz] ASA 5510 problem

I have a Cisco ASA 5510 with an External, Internal, and DMZ
interfaces. I have a mail server in the DMZ and I have configured
the ASA so that I can get to it internally an externally, however,
when I log in using the IPSEC VPN I cannot connect.

The internal address range is 192.168.100.0/24
The dmz address range is 192.168.200.0/24
The VPM pool range is 10.10.10.10/24

I have mappings internally to so that any 192.168.100 host can
connect to the mail server at 192.168.200.25, but the VPN access
issue has me flummoxed.

Cisco has examples of VPN or DMZ, bit nothing with info on both.

Any pointers would be greatly appreciated.



Thanks,
Zeke

--
James "Zeke" Dehnert
mailto:jdehnert@xxxxxxxxxxxxxxxxxx
Phone: +1 707.546.6620 x602 Fax: +1 707.324.8043
"Life is racing, everything else is just waiting"


_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

<<winmail.dat>>

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards


Relevant Pages

  • Re: Web hosting and VPN box
    ... Is it normal for VPN box to be configurable (well by the end user; ... configuration. ... > Does your router have a DMZ setting? ...
    (comp.security.firewalls)
  • Re: [fw-wiz] ASA 5510 problem
    ... Have you specified the VPN Pool range properly? ... I have a Cisco ASA 5510 with an External, Internal, and DMZ ...
    (Firewall-Wizards)
  • IAS and PIX
    ... We have a PIX firewall configured for authenticate VPN access against AD/IAS ... The problem is that we want a new different VPN configuration for external ... access to a second DMZ with other servers. ... Perhaps having several RADIUS with different policies, ...
    (microsoft.public.internet.radius)
  • [fw-wiz] ASA 5510 problem
    ... I have a Cisco ASA 5510 with an External, Internal, and DMZ ... I have a mail server in the DMZ and I have configured ... when I log in using the IPSEC VPN I cannot connect. ...
    (Firewall-Wizards)
  • RE: Prividing Intranet Website Access To External Users
    ... If you use VPN IPSec you get access to ALL lan, after you need start to close access, the one that remanis open is the problem, does you remember Murphy?. ... Can by installed in DMZ, double firewall, internaly and others. ... > The web server is IIS on windows2003. ... > intranets to the internet in a secure manner. ...
    (Security-Basics)