troubleshooting Question

Cisco ASA VPN problem

Avatar of Harold Crane
Harold CraneFlag for United States of America asked on
VPNCisco
7 Comments1 Solution727 ViewsLast Modified:
We have three sites.  Two remote sites (sites B and C) are connected to the main site (site A) using site-to-site vpn tunnels on Cisco ASA 5505s.  Site A IP net is 172.20.28.0/24.  Site B is 172.21.28.0/24.  Site C is 172.22.28.0/24.  At site A, we have two ASA 5505s installed.  ASA #1 is used for systems at site A to access the internet, and it is used for employees to remotely access the network using Cisco's legacy VPN client.  ASA #2 at site A is used for the Site-to-site VPNs between sites A and B and sites A and C.  All systems local to site A network can ping systems on both the site B network and the site C network. Systems on the site B network can ping systems on the Site A network, as can systems on the site C network.  Remote VPN clients receive a 172.20.28.xxx ip address when connected to Site A VPN.  The problem is that VPN clients cannot successfully ping systems in either site B or C, even when systems local to site A can.  We have set up proper routing statements on the VPN clients.
ASKER CERTIFIED SOLUTION
asavener

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 1 Answer and 7 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 7 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros