Cannot access Microsoft share with Cisco VPN client - SMB not configured?

I get the following console message even after opening up UPD & TCP:

access-list backup_access_in extended permit tcp any host 64.2.113.131
access-list backup_access_in extended permit udp any host 64.2.113.131

4      Nov 16 2008      17:42:15      106023      192.168.10.216      192.168.10.255       Deny udp src backup:192.168.10.216/137 dst inside:192.168.10.255/137 by access-group "backup_access_in" [0x0, 0x0]
ASA-111608-config.txt
snchelpdeskAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

ricks_vCommented:
"Deny udp src backup:192.168.10.216/137 dst inside:192.168.10.255/137"
it looks like 192.168.10.216 is trying to broadcast.

We need to know who is 192.168.10.216? and what is it trying to access.

Anyway try dropping the following acl:
access-list inside_access_out extended permit tcp host 64.2.113.131 any
access-list inside_access_out extended permit udp host 64.2.113.131 any

that will allow any 192.168.x.x to access 64.2.113.131 and vice versa
0
snchelpdeskAuthor Commented:
192.168.10.216 is me on the VPN.

no access-list inside_access_out extended permit tcp host 64.2.113.131 any
no access-list inside_access_out extended permit udp host 64.2.113.131 any

no different:
4      Nov 16 2008      18:54:35      106023      192.168.10.216      192.168.10.255       Deny udp src backup:192.168.10.216/137 dst inside:192.168.10.255/137 by access-group "backup_access_in" [0x0, 0x0]
0
ricks_vCommented:
ok let's try this:
access-list backup_access_in extended permit tcp / udp any any

then we can narrow down the issue by making sure it's the acl blocking the traffic
by changin acl to
access-list backup_access_in extended permit tcp / udp 192.168.10.x 255.255.255.0 any

0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

snchelpdeskAuthor Commented:
access-list backup_access_in extended permit tcp / udp any any  - works!

access-list backup_access_in extended permit tcp / udp 192.168.10.x 255.255.255.0 any  - good also!

I have removed the any any lines.

We're good, eh!   I have attached current running config for final review.

Thank you,
Dave
ASA-111608a-config.txt
0
ricks_vCommented:
sweeeet :)
feedback please.. another 3700 i will be getting my premium membership :P
0
ricks_vCommented:
just a suggestion..
to be more secure, you can change the destionation to 192.168.10.x instead of any (whoever required source/dest access)

access-list backup_access_in extended permit tcp / udp 192.168.10.x 255.255.255.0 192.168.10.x bla bla
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
snchelpdeskAuthor Commented:
Done - everything works and your expertise is very much appreciated!
Thank you,
Dave
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Cisco

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.