Hi Larry,
Do you have check your Shrew log and Cisco logs ? Regards, On Tue, Nov 25, 2014 at 2:31 PM, Larry Gray <[email protected]> wrote: > I work with a lot of different customers who use a lot of different > equipment to provide vpn connections so we can maintain equipment. I have > been using Shrew for a while now for quite a few cisco vpn connections and > haven’t had a problem. I received a new pcf file from a new site and > imported it into the client. When I load the connection and login, I > connect, I see new routes that are built, but I cannot ping or access the > one device they are permitting us to access. The cisco vpn client works, > but I cannot access anything with shrewsoft. > > > > I have done a lot of research trying to find an answer, but my vpn > troubleshooting skills are not that strong. The customer is open to some > guidance, but they will not let us work with their firewall. I have found > mention of the following possible issues: > > 1. Single host policy failing: > https://lists.shrew.net/pipermail/vpn-help/2011-July/003879.html > > 2. Issues with split tunneling: > https://lists.shrew.net/pipermail/vpn-help/2009-October/001426.html > > > > But none of those are for an ASA 5520. Can someone help with additional > troubleshooting steps so I can guide the customers IT staff to make a > slight change in their firewall so this works with Shrewsoft? Or, maybe > tell me something I can set in shrewsoft that might work? > > > > Here are some highlights when connected with Shrewsoft: > > > > ASA 5520 > > Policy includes access to 1 IP address: 192.168.113.193/32 > > Connected client shows: > > SA Established=1 > > Expired/Failed both = 0 > > Status=Connected > > Transport=NAT-T RFC / IKE| ESP > > IKE Fragmentation = disabled > > Dead Peer Detection = enabled > > > > Computer routing table shows the following relevant new routes when > connected (3.4.5.6 = : > > Active Routes: > > Network Destination Netmask > Gateway Interface Metric > > 10.99.99.0 255.255.255.0 > On-link 10.99.99.240 286 > > 10.99.99.240 255.255.255.255 On-link > 10.99.99.240 286 > > 10.99.99.255 255.255.255.255 On-link > 10.99.99.240 286 > > 3.4.5.6 255. 255.255.255 > 10.10.40.1 10.10.40.101 21 > > 192.168.113.193 255.255.255.255 On-link > 10.99.99.240 31 > > > > Larry Gray > Technician > Phone: (317) 802-2530 > Fax: (317) 802-2531 > Extension: 22530 > E-mail: [email protected] > > Disclaimer: The information enclosed in this transmission is considered > private & confidential and may not be reproduced in any form without the > senders permission. If you are not the intended recipient, any disclosure, > copying, distribution, or any action taken or omitted to be taken in > reliance on it is prohibited and is unlawful. > > Please consider the environment, *before* printing this email. > > Disclaimer added by *CodeTwo Exchange Rules 2013* > www.codetwo.com <http://www.codetwo.com/?sts=2532> > > > _______________________________________________ > vpn-help mailing list > [email protected] > https://lists.shrew.net/mailman/listinfo/vpn-help > >
_______________________________________________ vpn-help mailing list [email protected] https://lists.shrew.net/mailman/listinfo/vpn-help
