piemckay
asked on
ASA Remote VPN Can't connect to local inside network
Hello,
I currently have a Cisco 5520 and a Cisco 5505 in different locations. I have successfully set up a site to site VPN between the two firewalls and everything is working fine. However now I am trying to set up a remote VPN connection to the 5505 using cisco client. I have configured it and I can connect but I am unable to connect to anything on the same network as the 5505. I can, however, connect to everything on the other side of the site to site tunnel.
The 5505 local network is 192.168.0.x/24 (not my choice of subnet)
I have assigned an address pool of 192.168.0.160 - 170
I have allowed 192.168.0.0/16 on the spluit tunnel.
On the other side of the site to site tunnel are many different subnets on an MPLS network 192.168.14, 15, 16 , 20 etc. and while connected to the 5505 via remote VPN I can access all of these subnets. I just can't acess anything on 192.168.0.x/24.
Here is my config, please let me know if any thing looks obvious. The Tunnel group for the remote VPN is called GRP-DE. I'm not very experienced with firewalls so please be gentle!
Thanks in advance.
de-config.txt
I currently have a Cisco 5520 and a Cisco 5505 in different locations. I have successfully set up a site to site VPN between the two firewalls and everything is working fine. However now I am trying to set up a remote VPN connection to the 5505 using cisco client. I have configured it and I can connect but I am unable to connect to anything on the same network as the 5505. I can, however, connect to everything on the other side of the site to site tunnel.
The 5505 local network is 192.168.0.x/24 (not my choice of subnet)
I have assigned an address pool of 192.168.0.160 - 170
I have allowed 192.168.0.0/16 on the spluit tunnel.
On the other side of the site to site tunnel are many different subnets on an MPLS network 192.168.14, 15, 16 , 20 etc. and while connected to the 5505 via remote VPN I can access all of these subnets. I just can't acess anything on 192.168.0.x/24.
Here is my config, please let me know if any thing looks obvious. The Tunnel group for the remote VPN is called GRP-DE. I'm not very experienced with firewalls so please be gentle!
Thanks in advance.
de-config.txt
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER