vpn stopped working on ASA 5510
Bookmark this page:
 Yahoo!
 Google
 Windows Live
 del.icio.us
 digg
 Netscape
|
|
||||||||||
|
Posted by Andrew Engels Rump (formerly L on July 25, 2008, 4:45 pm
Please log in for more thread options I've searched high and low including browsing through the last 8000+ posts in this group but haven't found anything which gave me a clue of what causes my vpn to stop working. :-( I know I should provide the configuration (and I will this Monday) but I hope somebody may provide me with a clue of what events triggered my vpn to stop working. The employee before me configured the following internet set up: (internet) 192.168.1.1 -> 192.168.1.2 (ASA 5510) 172.18.1.x -> (network)
The internet router is a standard (Danish) internet router which performs PAT, DHCP, ... The ASA 5510 is set up to "the same way", i.e., it also performs PAT, DHCP, ..., i.e., the functionality of the ISP router is ignored! And the provider claims that we haven't ever asked them to set their router in bridge-mode, i.e., passing the tcp/ip directly to our Cisco box. Then one day some yerk dug a hole without consulting the maps and lo & behold he cut a fiber and we (and the rest of the people on an island) went offline! Fortunately we have a WiMax (wireless) so I set out to use that instead and after changing the following settings through the GUI: 1. the static ip-address & netmask of the ASA to match the WiMax 2. the default route to match the WiMax (deleted and created a new one) 3. the DNS entries in the DHCP settings everything(*) worked like a charm and we got back to work! *) The vpn from the outside didn't work of course because our ip-address changed because we changed provider but that should work again when we restored the original connection - yeah right! The next day the original line was back up and I (as far as I know) restored the values in the ASA - but it didn't work and I fiddled - don't *do* that - with all the settings and finally consulted the documentation and suddenly after 15 minutes the packets started flowing through!?! What happened? Well I don't know but everything seemed to work - except the vpn! :-( When I look into the log it complains about "deny ip spoof from 192.168.1.2" (or was it 192.168.1.1) every time I try to connect through vpn. What has been changed/removed without my knowledge when I changed/removed/created the values to connect the WiMax and later to restore the original connection? Andrew Engels Rump -- Software Engineer E-mail: mailto:newandrew@rump.dk WWW: http://www.rump.dk/homepage/andrew/ | ||||||||||
| Similar Threads | Posted |
| vpn stopped working on ASA 5510 | July 25, 2008, 4:45 pm |
| PIX 515: Factory default has stopped the PIX working | December 17, 2005, 5:40 pm |
| callback stopped working after IOS upgrade | June 26, 2007, 3:23 am |
| PIX 515E suddenly stopped working....hardware failure? | July 20, 2006, 9:24 am |
| WallWatcher stopped logging | March 15, 2006, 1:00 am |
| Cisco 837 - 12.4 - MRTG monitoring stopped? | May 23, 2006, 3:45 pm |
| PIX : Denying port 80 also stopped 8080 | January 17, 2008, 3:34 pm |
| Call transfer full consult is not working properly, blind transfer is working instead | October 8, 2008, 8:04 pm |
| pix denying port 80 also stopped an application on port 8080 | January 22, 2008, 7:05 pm |
| ASA 5510 | June 8, 2006, 9:37 am |
| ASA 5510 and qos | October 19, 2006, 3:59 am |
| VPN to ASA 5510 | August 31, 2007, 9:13 am |
| asa 5510 | February 20, 2008, 7:06 pm |
| ASA 5510 QoS | June 24, 2008, 12:07 pm |
| Very slow ftp on ASA 5510 | August 8, 2006, 5:16 am |