One final reply on this. All works if you setup everything as described in
the link you provided Ulrik. The issue we had was caused by the remote side
of the IPsec tunnel ACL not allowing access for the VPN clients IP block.
Thanks again.
-Lee
On Tue, Jul 1, 2014 at 4:43 PM, Lee Starnes
Hi,
Two things to check:
1. Make sure you have the following in the config:
same-security-traffic permit intra-interface
2. Make sure you have a the NAT rules configured correctly so that the traffic
between the VPN clients and the remote LAN is NOT translated (or in fact are
NAT:ed to
Thanks Ulrik.
Confirmed that how that shows to setup is how I have it but still can't
pass traffic. I suspect the remote office might be filtering it. This was a
cutover from a Fortinet to an ASA but the other side is till a Fortinet
when they created the new tunnel. Great link. Thanks for the
