Thursday, June 25, 2020

Need help with pinging from a network behind a router (the router is running LAN-to-LAN IPsec VPN) to any network beyond it.

The router that I'm talking about is R3.

So I'm trying to set up web VPN from a client (Client PC) behind the router to an ASA, but for some reason I cannot even ping any networks beyond the router (I'm assuming my IPsec config is somehow doing something to those pings). I will be attaching pics and configs. On the figure you can see that the client PC is on the 192.1.100.0/24 network, so whenever I try to ping from this network to anything beyond R3 (say to 192.1.23.10 or 192.1.20.10 (interface of the ASA itself)), the pings fail. I did create a standard ACL so that R3 can allow traffic to be passed from network sourced from 192.1.23.0/24, as you can see in the running config, which does send the echo request packets out of the g1/0 interface of R3 (I did a packet capture for that link between R3 and R2, which is how I know that the echo request packets are being sent out), but it does not receive any echo replies! No idea why! So pings from the client PC fail to the ASA as well, since for web VPN I need to be able to reach that interface (gi 0/0) of the ASA from the client PC and it fails.

http://imgur.com/gallery/SdE2ItW

Also, I can ping the ASA from R3 and can ping R2 from R3 as well (if it's sourced from gi1/0 or loopback 0 of R3; I tried sourcing from gi2/0 and it fails).

So I'm guessing there is something in the config of my R3 which is causing issues; look at my comment for the config of R3.


