Cisco asa cannot connect to internal network after connecting to vpn

We have an asa in the main location with a few site to site vpns and mobile clients using the mobile vpn.  In the course of settings up a new remote location with easy vpn we have run into problems.

Got the vpn to light up without issue but was unable to get to the internet.  Tried to configure split tunneling and was unsuccessful at getting it working.  Now all of a sudden none of the vpn users of the mobile vpn or the remote sites can access anything on the servers.  

The vpn in texas is the one that we are trying to add.  I can provide the config file from the main site or from the remote location.

4      Feb 08 2014      14:31:39      106023      192.168.90.8      49476      10.5.60.11      53      Deny udp src Outside:192.168.90.8/49476 dst Inside:10.5.60.11/53 by access-group "Outside_access_in" [0x0, 0x0]



¿4      Feb 08 2014      14:31:40      106023      174.37.196.55      53      209.251.157.148      53      Deny udp src Outside:174.37.196.55/53 dst Outside:209.251.157.148/53 by access-group "Outside_access_in" [0x0, 0x0]
cnesupportAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
cnesupportConnect With a Mentor Author Commented:
I think I got it now.  I ended up making some changes to the firewall policies.  Even though I had made exemptions for the networks it was still blocking them.  After adding some rules the mobile vpn is now working.  I am waiting for someone to get to the remote site to take a look there.
0
 
cnesupportAuthor Commented:
don't everyone jump at once
0
 
Pete LongTechnical ConsultantCommented:
Got the vpn to light up without issue but was unable to get to the internet.  Tried to configure split tunneling and was unsuccessful at getting it working.  Now all of a sudden none of the vpn users of the mobile vpn or the remote sites can access anything on the servers.


I'm assuming you mean the remote site using EasyVPN can connect to the main site but when they do so they cannot connect to the internet, yes?

Firstly is this how you setup EasyVPN?

If so this is how you setup split tunneling

Pete
0
Turn Raw Data into a Real Career

There’s a growing demand for qualified analysts who can make sense of Big Data. With an MS in Data Analytics, you can become the data mining, management, mapping, and munging expert that today’s leading corporations desperately need.

 
cnesupportAuthor Commented:
Yes on both sites but the main issue we are having now is.  

The remote site is unable to access the local network or internet but can access the asa on the remote side.

The mobile vpn users can access the router and internet but not local resources.  

When trying to ping from one of the mobile users vpn:

4      Feb 09 2014      09:00:13      106023      10.5.62.26      59898      10.5.60.11      53      Deny udp src Outside:10.5.62.26/59898 dst Inside:10.5.60.11/53 by access-group "Outside_access_in" [0x0, 0x0]
0
 
cnesupportAuthor Commented:
got it all working, took a bunch of rules but everything is now flowing the way it should
0
 
cnesupportAuthor Commented:
I solved the issue on my own
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.