I work with a lot of different customers who use a lot of different equipment to provide vpn connections so we can maintain equipment. I have been using Shrew for a while now for quite a few cisco vpn connections and haven't had a problem. I received a new pcf file from a new site and imported it into the client. When I load the connection and login, I connect, I see new routes that are built, but I cannot ping or access the one device they are permitting us to access. The cisco vpn client works, but I cannot access anything with shrewsoft.
I have done a lot of research trying to find an answer, but my vpn troubleshooting skills are not that strong. The customer is open to some guidance, but they will not let us work with their firewall. I have found mention of the following possible issues: 1. Single host policy failing: https://lists.shrew.net/pipermail/vpn-help/2011-July/003879.html 2. Issues with split tunneling: https://lists.shrew.net/pipermail/vpn-help/2009-October/001426.html But none of those are for an ASA 5520. Can someone help with additional troubleshooting steps so I can guide the customers IT staff to make a slight change in their firewall so this works with Shrewsoft? Or, maybe tell me something I can set in shrewsoft that might work? Here are some highlights when connected with Shrewsoft: ASA 5520 Policy includes access to 1 IP address: 192.168.113.193/32 Connected client shows: SA Established=1 Expired/Failed both = 0 Status=Connected Transport=NAT-T RFC / IKE| ESP IKE Fragmentation = disabled Dead Peer Detection = enabled Computer routing table shows the following relevant new routes when connected (3.4.5.6 = : Active Routes: Network Destination Netmask Gateway Interface Metric 10.99.99.0 255.255.255.0 On-link 10.99.99.240 286 10.99.99.240 255.255.255.255 On-link 10.99.99.240 286 10.99.99.255 255.255.255.255 On-link 10.99.99.240 286 3.4.5.6 255. 255.255.255 10.10.40.1 10.10.40.101 21 192.168.113.193 255.255.255.255 On-link 10.99.99.240 31 [cid:teldata2828716] Larry Gray Technician Phone: (317) 802-2530 Fax: (317) 802-2531 Extension: 22530 E-mail: [email protected] [cid:c17f1326-f74b-443b-854f-d8ebfcd977db0ca4d7] Disclaimer: The information enclosed in this transmission is considered private & confidential and may not be reproduced in any form without the senders permission. If you are not the intended recipient, any disclosure, copying, distribution, or any action taken or omitted to be taken in reliance on it is prohibited and is unlawful. Please consider the environment, before printing this email. Disclaimer added by CodeTwo Exchange Rules 2013 www.codetwo.com<http://www.codetwo.com/?sts=2532>
_______________________________________________ vpn-help mailing list [email protected] https://lists.shrew.net/mailman/listinfo/vpn-help
