
Given an IPSec VPN remote access scenario, why doesn't a server in the corporate site send replies to the remote access VPN user?

An IPSec remote access client has initiated a VPN connection to a Cisco ASA successfully. However, when the remote user tried to ping a server in the corporate site, the user didn't get any response. Note that the server can send replies successfully internally and to other WAN sites.

Question added by Ahmad Yassein , Infrastructure Network Manager , Ministry of International Cooperation (MIC)
Date Posted: 2014/01/08
by abdallahi Eminou , IT Technician , Kinross Gold Corporation

Please check the GRE protocol: is it allowed by ASP?

by Von Fritz Besa , team leader , S H Construction Wll

Yes, if a system has a remote access capability to be able to control it through a PC or mobile with internet access.

by mahfoudh haji , Team Leader/Supervisor , ZACCA ENVIRONMENTAL CLUB

Yes, in the world of new technology this issue is quite simple.

by Rami Haddad , IT Security Professional - Advance , Injazat Data Systems

This can be related to many issues:

1- Check the NAT exempt configuration.

2- If split tunnel is configured, is the server IP in the split tunnel configuration?

3- The server or any layer three devices in the path (between the firewall LAN interface and the server) should know a route to the VPN clients pool.

You can verify this simply using a capture on the ASA LAN interface.

4- Access-group applied on the LAN interface or devices in the path.

5- Check ASP captures on the ASA during the test: are there any drops related to traffic between the VPN client IP and the server IP?

Hope this helps.

Best regards,

Rami Haddad

CCIE security #35629
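
The five checks in the answer above, written out as ASA CLI commands to run while the remote user pings the server. This is an added example, not part of the original answer; the interface name `inside`, the client pool address 10.99.0.5, the server address 10.1.1.10 and the capture names are constructed assumptions.

```cisco
! Constructed values: LAN interface "inside", VPN client 10.99.0.5, server 10.1.1.10.

! 1- NAT exempt: look for an identity NAT rule between the LAN and the VPN pool.
show running-config nat
show nat detail

! 2- Split tunnel: find the ACL named in the group-policy, then confirm it
!    contains the server's subnet.
show running-config group-policy
show running-config access-list

! 3- Return route: capture on the LAN interface during the ping.
!    Echo requests leaving with no echo replies coming back means the server
!    (or a layer 3 device in the path) has no route to the VPN client pool.
capture CAPIN interface inside match icmp host 10.99.0.5 host 10.1.1.10
show capture CAPIN

! 4- Access-group on the LAN interface: simulate the server's echo reply
!    (ICMP type 0, code 0) arriving on "inside" and read the ACL and NAT phases.
show running-config access-group
packet-tracer input inside icmp 10.1.1.10 0 0 10.99.0.5 detailed

! 5- ASP drops: record packets dropped by the accelerated security path
!    and filter for the client address.
capture ASPDROP type asp-drop all
show capture ASPDROP | include 10.99.0.5
show asp drop

! Remove the captures when finished.
no capture CAPIN
no capture ASPDROP
```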

 
