At Fixya.com, our trusted experts are meticulously vetted and possess extensive experience in their respective fields. Backed by a community of knowledgeable professionals, our platform ensures that the solutions provided are thoroughly researched and validated.
Hello
I have an ASA 5505 at my host site and I have a client at home who makes a VPN connection to the ASA. The remote user is unable to map drives across their VPN. The user can ping the server just fine. I have tried connecting by name and IP still no go.
- If you need clarification, ask it in the comment box above.
- Better answers use proper spelling and grammar.
- Provide details, support with references or personal experience.
Tell us some more! Your answer needs to include more details to help people.You can't post answers that contain an email address.Please enter a valid email address.The email address entered is already associated to an account.Login to postPlease use English characters only.
Tip: The max point reward for answering a question is 15.
Yes, it is possible and Yes you have to purchase it from Cisco.
Sorry, that is how they make the big bucks.
Consider a service contract on the unit, then you can download the firmware much cheaper.
Resolutions:
1) if you have firewall, open TCP Port 1723, IP Protocol 47 (GRE).
2) make sure you can reach the VPN server by using ping. Sometimes, poor connection can cause this issue too.
3) You may need to updated firmware on a router or firewall if other OS (win9x/nt/me/w2k) works except XP.
4) The VPN server may not be able to get IP from DHCP for the VPN client. So, you may want to re-configure VPN host networking settings. For XP pro VPN host, go to the Properties of the VPN>Network, check Specify TCP/IP address and Allow calling computer to specify its own IP address, and uncheck Assign TCP/IP addresses automatically using DHCP.
5) Make sure no other secure software blocks your access, for example, if you use Norton secure software, you may need to add the remote client's IP so that the client can access.
6) If your VPN running on a Windows RRAS with NAT enabled, you may want to check the NAT settings.
7) If you can establish the VPN from the desktop at home but not from the laptop. Make sure no security software like Microsoft OneCare software that blocks the GRE.
The key with any VPN solution is to make sure that the configurations on both ends match. I am not very familiar with this particular product, but it looks like you need to have the proper VPN licenses installed first.
There are two types of VPN you can do.
1) Site to Site - This is where the are two static boxes that you want to create an encrypted tunnel between
2) Remote User access - This is where mobile users connect to a central site over an encrypted tunnel from their home or on the road.
Next, take a looks at the User Guide PDF here:
https://www.watchguard.com/help/documentation/soho6.asp
Chapter 10 tells how to configure the VPN on the Firebox side. You would just duplicate your settings if your doing option #1.
Chapter 11 tells how to configure the VPN on the client side. This section would tell you how to configure the client software for option #2.
Hope this helps.
×