Remotely accessing the office network connected to E1000

Hello;
I'm the IT Manager for a Small Non-Profit Organization(Helping build homes, giving education, health care for the poor).
All computers are connected to a network through a Linksys E1000 Wifi Router and I would like to access all computers
remotely especially when I'm on my site visits or when I'm not in the office. Is there a way for me to join the network even
if I'm outside the office.
Thanks for the Help and more power to those sharing their knowledge.

The easiest program to use is LogMeIn.
See https://secure.logmein.com/

Similar Messages

Can not access CRM from outside the office network - Access denied You do not have sufficient access rights or privileges to perform this action.

Hi,
I can not access CRM from outside the office network - Access denied You do not have sufficient access rights or privileges to perform this action. I can access CRM with same user id and password from our office inside the network. I can get
the page to give login details once I have login details I got below error. Please help me to solve this issue. It was working before.
Access denied You do not have sufficient access rights or privileges to perform this action.
Regards,
Noushad
[email protected]

On Premise system Configured with AD FS server for claims-based authentication you need to update your host file with server url to access it from outside office network.
Refer
this on how to update host file.
Regards, Saad

Is it possible to remotely access the desktop in OS9.1 from a newer G5 mac?

I have an old 7600 Powermac running OS9.1 and several peripherals on the SCSI bus. I would like to be able to access this machine and the peripherals via my newer G5 machine. So I'm wondering if its possible to remotely access the desktop on the OS9.1 machine with the existing software or do I need some type of network administrator software? Thx in advance!
7600 Mac OS 9.1.x

Yes, there are several remote access apps in the app store. LogMeIn, TeamViewer, and others.
Search the app store and find what works best for you.

I can not access the hard drive connected to my airport extreme! Any thoughts?

I can not access the hard drive connected to my ariport extreme. When I use the finder to connect a server and type in the IP of the a. extreme, 10.0.1.1 it does not work and I get an error message.
Any thoughts.
A

Is the hard drive formatted for Mac in Mac OS Extended (Journaled)?
If yes, you may need to use a powered USB hub since the USB port on the AirPort Extreme is under powered and it is often necessary to use a powered hub....even if the hard drive has its own power supply
If both items check out above.....have you checked Finder Preferences to make sure that "Connected Servers" will be displayed?
Finder Preferences > General > Show These Items on the Desktop > Connected Servers
Then with the Finder menus displayed at the top of the screen click the Go menu
Click Network and the AirPort Extreme icon should be displayed
Double click the icon to mount the drive on the desktop

Disabling DataSocket Access to Specific Network Connection

Hi Group,
I have DataSocket server running on a PC with two active LAN connections (2 x Network cards). The main connection is to our corporate LAN/WAN. The secondary connection is to a fixed set of several computers for our monitored process.
The way the system is currently configured, the Datasocket server broadcasts datasocket data to both connections. For this application I want to disable data broadcast on the Corporate LAN while retaining it on the secondary LAN system.
Is there a setting in Datasocket Server that I can use to prevent it from broadcasting to the primary network connection?
Is there some other solution (eg. Port blocking) etc that I can use that may be more suitable to this requirement?
Any advice is appreciated,
Thanks,
Laurie

Hello,
I don't think I understand exactly the functionality you are looking for. Is it that you would like DataSocket to be available on the LAN, but not to someone who imitates a valid IP address? This would be tricky, because it comes down to a network security problem I guess. The server can be launched and configured programmatically; would it be possible to monitor and change the number of allowed connections to restrict imitations? That is, you could have an application which allowed a user to login... if they login, they get access and you increment the number of allowed connections. When they logout, you would decrement the number of allowed connections. This way you would at least have the added security feature that a user would have to know certain login parameters in order to gain access, and not simply connect a PC to the network. i realize there would be some details to deal with if this is even sufficient, but perhaps you can comment on the plausibility of this, and perhaps clarify precisely what network activity you would like to restrict!
Thank you, and I hope we can find a clean solution to this problem!
Best Regards,
JLS
Best,
JLS
Sixclear

HT6147 Cannot access the Internet while connected to Wi-Fi after updated to ios 7.06!

I updated my Iphone 5s to ios 7.06 yesterday (2014, Feb 27) and i could not access the internet while connected to Wi-Fi.
According to: http://support.apple.com/kb/TS1398, my IP address is 192.168.xxx.xxx, not 169.254.xxx.xxx!!! How can I fix this?

Reboot your router. The phone is picking out the router address. Unplug it from power for about 15 seconds then turn it back on. While that is happening, on the phone go to Settings>General>Reset>Reset Network Settings.

I do this after this instruction .. . when i switched on the phone first ask the language when i select english after ask region when i select silanka after it last menu is in the choose network ,connect to itunes menu|? iPhone 4S

i do this after this instruction .. . when i switched on the phone first ask the language when i select english after ask region when i select silanka after it last menu is in the choose network ,connect to itunes menu|?
iPhone 4S

when i connect to the phone to pc the msg says . .."
There is no SIM card installed in the iPhone you are attempting to activate.
Please disconnect and insert a SIM card in the iPhone.

What is the optical output bit/sample rate of an Apple TV3 when using the wired network connection. 16/48 or 24/48.

What is the optical output bit/sample rate of an Apple TV3 when using the wired network connection. 16/48 or 24/48.

It doesn't matter what type of network connection it has its output is 16/48.

My family owns an Apple Airport router, and my question is that is there a were to remotely access the router and turn it off and on? Thanks

My family owns an Apple Airport router, and my question is that is there a were to remotely access the router and turn it off and on? Thanks

Richard's suggestion will turn off and turn on the wireless function on your Mac computer......but.....it will not do anything as far as turning your Apple AirPort router on and off.......which seems to be the question that you are asking above.
If this is the question that you are asking, it is not possible to power the Apple router on and off from either a local or remote location.

Hi there I have an iPhone 4S on the 3 network that will allow me to tether my iPhone 4S to the ps3, my question is will I be able to access the playstation network on the playstation 3 to download games and content to my ps3 console

Hi there I have an iPhone 4S on the 3 network that will allow me to tether my iPhone 4S to the ps3, my question is will I be able to access the playstation network on the playstation 3 to download games and content to my ps3 console

If you're getting normal network access through tethering, I'm not sure why this would not work.
- JC

I can't access my university VPN with my iPad or iPhone but I can access it with my Mac. I was wondering if there is a simple way so that I can remotely access my home computer from the iPad, turn on the Mac VPN and then access the school network?

The iosx and open VPN app on the iPad/phone aren't compatible w my school's VPN, but my Mac is via tunnelblick. I would really like to have VPN access from my tablet so I can access journals without undergoing a tedious process.
Has anyone encountered this and found a remedy? I'm imagining an app from the tablet that can access the Mac at home to turn on the VPN to the school and then have access.. But then I'm thinking id be reading through 2 screens then formatting/resolution could be a problem.
Another thought was setting up a VPN at home so that my iPad can connect to my computer at home via VPN which would then allow me easy access to journals. But I'm lacking experience in this, especially a security issue as I'm going from point A to point C to get back to point B.
I'm open to any suggestions.
Thanks

You should be able to use the OpenVPN Connect app running on your iPad to connect your iPad to the VPN directly. It is an official OpenVPN client for iOS devices.
In what way is it "not compatible"? Have you tried it? Tunnelblick is an OpenVPN client, so your school's VPN is using the OpenVPN protocol. That means any OpenVPN client should be able to access it. (It is possible, but unlikely, that your school uses encryption that is not available on the iPad, but that would be very unusual.)
Otherwise, a remote control app on your iPad would let you control your Mac at home. "Back to My Mac", for example, would allow you to control your Mac remotely. The tricky part of this is that usually a VPN is set up to send all Internet traffic via the VPN server, and I'm not sure how that would work with "Back to My Mac".

Remote access my office mac from my home mac

I know this is not the right forum for this, but I am not sure which one is and so I am asking this question here in the hopes that someone will direct me to the right place.
If I want to access my office mac from home, what program do I need to use? (Apple Remote Desktop?) Where can I find detailed instructions?
Other pertinent details:
I have a PB at home and one at the office, both running OSX.3.
Both are on a wireless network.
Office is behind a firewall.
Because both computers are on a wireless network, their IP addresses are of the form 10.0.1.xxx. Turning on File sharing on the office computer and then doing "ssh [email protected].....etc. does not seem to work.
Ideally I want to be able to remotely run programs on the office computer. I know this ability exists for Windows XP (and my colleagues use it), so it MUST exist for Macs.
Any help will be much appreciated.
Thanks,
NS

ns,
Apple Remote Desktop and Timbuktu Pro are worthy programs; you can achieve the same effects with free VNC (virtual network connection) software. Essentially, you set one Mac up as a VNC server, the other as a VNC client, and connect the client to the server. Check Version Tracker and/or MacUpdate for such freeware as VNCThing (OS 9 client), OSXvnc (OS X server), and Chicken of the VNC (OS X client).
The firewall will require you to set up port forwarding. I've actually found the FAQ and help info at the site for the Windows program UltraVNC along with PortForward more than enough to figure how to set up a VNC link to a Windows PC in my wife's office that could be accessed by either my office Mac (before turning on the link encryption) or her home PC. Adding / using SSH is somewhat more complicated and outside of my firsthand experience, but there are references at e.g. SSH VNC Tunneling (try Googling "SSH VNC Mac"). See for example:
Homemade Dot-Mac: Remote Control
MacMod - Your Mac Modding HQ
VNC Sessions From Off-Campus
Note that if you have the usual dynamic IP account at home and a static IP at work, it will be easier to set up the work computer as the server since the IP number will be a fixed address. If both computers are on dynamic IP accounts, the server's IP number will have to be checked locally before connecting remotely (one reason ISPs can charge extra for static IP accounts).

Remote access VPN-unable to connect inside-URGENT

Hi,
I have configured Remote access VPN in cisco ASA 5520.Whenever I am trying to connect from outside it's connecting fine.It aslo getting IP from pool but prob is i am unable to connect/ping inside nw.
Pls help me...how to resolve this issue.

I had the same problem on an IOS router (871). My solution was one of two things. I downloaded the most up-to-date version of the VPN client (5.0.02.90) as opposed to the version I had or it was a software firewall (Norton 360). I have two different computers. One works just fine...the other connects but no traffic passes through. Here is what I have:
Computer 1 (working)- VPN Client v5.0.02.0090 and Network Associates Enterprise VirusScan.
Computer 2 (not working) - VPN Client v5.0.00.0340 and Norton 360.
I highly doubt it is the VPN Client, but sometimes you never know. Check your software firewall and try disabling it. Let me know how this works.

Remote access VPN client gets connected fails on hosts in LAN

Hi,
VPN client gets connected fine, I have a inter VLAN routing happening on the switch in the LAN so all the LAN hosts have gateway IP on the switch, I have the defult route pointing to ASA inside interface on the switch, the switch I can reach after Remote Access VPN is connected how ever I cannot ping/connect to other hosts in the LAN and if I make the gateway point to the ASA then that host is accessible, any suggestions? I really want to have gateway to be the Switch as I have other networks reachable through the Switch (Intranet routing)

Hi Mashal,
Thanks for your time,
VPN Pool(Client) 192.168.100.0/24
Internal Subnets 192.9.200.0/24(VLAN 4000) and 192.168.2.0/24 (VLAN 1000)
=============
On the Switch
=============
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route
Gateway of last resort is 192.168.2.5 to network 0.0.0.0
     172.32.0.0/24 is subnetted, 1 subnets
C       172.32.0.0 is directly connected, Vlan101
C    192.168.200.0/24 is directly connected, Vlan2000
C    192.9.200.0/24 is directly connected, Vlan4000
S    192.168.250.0/24 [1/0] via 192.9.200.125
S    192.168.1.0/24 [1/0] via 192.9.200.125
C    192.168.2.0/24 is directly connected, Vlan1000
S    192.168.252.0/24 [1/0] via 192.9.200.125
S*   0.0.0.0/0 [1/0] via 192.168.2.5
===============
On ASA
===============
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       * - candidate default, U - per-user static route, o - ODR
       P - periodic downloaded static route
Gateway of last resort is 172.32.0.2 to network 0.0.0.0
C    172.32.0.0 255.255.255.0 is directly connected, outside
C    192.9.200.0 255.255.255.0 is directly connected, inside
C    192.168.168.0 255.255.255.0 is directly connected, failover
C    192.168.2.0 255.255.255.0 is directly connected, MGMT
S    192.168.100.2 255.255.255.255 [1/0] via 172.32.0.2, outside
S    192.168.100.3 255.255.255.255 [1/0] via 172.32.0.2, outside
S*   0.0.0.0 0.0.0.0 [1/0] via 172.32.0.2, outside
We don't need route print on the PC for now as I can explain what is happening I can get complete access to the 192.168.2.0/24 (VLAN 1000) but for 192.9.200.0/24 (VLAN 4000) above from the switch I can only ping IP's on the switches/pair but cannot have any tcp connections, which explains the default route being pointed on the switch is on VLAN 1000, now my issue is How do I get access to VLAN 4000 as you can see these two are on different Interfaces/zones on the ASA and please note with default gateway pointing to ASA I will have access to both the VLAN's it is only when I move the gateway pointing to Switch I loose tcp connections to one VLAN depending on the default route on the being pointing to on the switch.
So we are left to do with how to on the switch with default route.

Remote access VPN client gets connected no access to LAN

: Saved
ASA Version 8.6(1)2
hostname COL-ASA-01
domain-name dr.test.net
enable password i/RAo1iZPOnp/BK7 encrypted
passwd i/RAo1iZPOnp/BK7 encrypted
names
interface GigabitEthernet0/0
nameif outside
security-level 0
ip address 172.32.0.11 255.255.255.0
interface GigabitEthernet0/1
nameif inside
security-level 100
ip address 192.9.200.126 255.255.255.0
interface GigabitEthernet0/2
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/3
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/4
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/5
nameif failover
security-level 0
ip address 192.168.168.1 255.255.255.0 standby 192.168.168.2
interface Management0/0
nameif management
security-level 0
ip address 192.168.2.11 255.255.255.0
ftp mode passive
dns server-group DefaultDNS
domain-name dr.test.net
object network RAVPN
subnet 192.168.0.0 255.255.255.0
object network NETWORK_OBJ_192.168.200.0_24
subnet 192.168.200.0 255.255.255.0
object network NETWORK_OBJ_192.9.200.0_24
subnet 192.9.200.0 255.255.255.0
object-group network inside_network
network-object 192.9.200.0 255.255.255.0
object-group network Outside
network-object host 172.32.0.25
access-list RAVPN_splitTunnelAcl standard permit 192.9.200.0 255.255.255.0
access-list test123 extended permit ip host 192.168.200.1 host 192.9.200.190
access-list test123 extended permit ip host 192.9.200.190 host 192.168.200.1
access-list test123 extended permit ip object NETWORK_OBJ_192.168.200.0_24 192.9.200.0 255.255.255.0
access-list test123 extended permit ip 192.9.200.0 255.255.255.0 object NETWORK_OBJ_192.9.200.0_24
pager lines 24
mtu management 1500
mtu outside 1500
mtu inside 1500
mtu failover 1500
ip local pool RAVPN 192.168.200.1-192.168.200.254 mask 255.255.255.0
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-66114.bin
no asdm history enable
arp timeout 14400
nat (inside,outside) source dynamic any interface
nat (any,inside) source static NETWORK_OBJ_192.168.200.0_24 NETWORK_OBJ_192.168.200.0_24 destination static NETWORK_OBJ_192.9.200.0_24 NETWORK_OBJ_192.9.200.0_24
route outside 0.0.0.0 0.0.0.0 172.32.0.2 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
aaa authentication ssh console LOCAL
http server enable
http 0.0.0.0 0.0.0.0 outside
http 0.0.0.0 0.0.0.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto ca trustpoint ASDM_TrustPoint0
enrollment terminal
subject-name CN=KWI-COL-ASA-01.dr.test.net,O=KWI,C=US
crl configure
crypto ikev1 enable outside
crypto ikev1 policy 10
authentication crack
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 20
authentication rsa-sig
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 30
authentication pre-share
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 40
authentication crack
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 50
authentication rsa-sig
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 60
authentication pre-share
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 70
authentication crack
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 80
authentication rsa-sig
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 90
authentication pre-share
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 100
authentication crack
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 110
authentication rsa-sig
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 120
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 130
authentication crack
encryption des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 140
authentication rsa-sig
encryption des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 150
authentication pre-share
encryption des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 65535
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
telnet 192.9.200.0 255.255.255.0 inside
telnet timeout 30
ssh 0.0.0.0 0.0.0.0 management
ssh 0.0.0.0 0.0.0.0 outside
ssh 66.35.45.128 255.255.255.192 outside
ssh 0.0.0.0 0.0.0.0 inside
ssh timeout 30
ssh version 2
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
enable outside
anyconnect image disk0:/anyconnect-win-2.5.2014-k9.pkg 1
anyconnect enable
tunnel-group-list enable
group-policy DfltGrpPolicy attributes
group-policy RAVPN internal
group-policy RAVPN attributes
wins-server value 192.9.200.164
dns-server value 66.35.46.84 66.35.47.12
vpn-filter value test123
vpn-tunnel-protocol ikev1
split-tunnel-policy tunnelspecified
split-tunnel-network-list value test123
default-domain value dr.kligerweiss.net
username test password xxxxxxx encrypted
username admin password aaaaaaaaaaaa encrypted privilege 15
username vpntest password ddddddddddd encrypted
tunnel-group RAVPN type remote-access
tunnel-group RAVPN general-attributes
address-pool RAVPN
default-group-policy RAVPN
tunnel-group RAVPN ipsec-attributes
ikev1 pre-shared-key *****
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect ip-options
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly 2
subscribe-to-alert-group configuration periodic monthly 2
subscribe-to-alert-group telemetry periodic daily
password encryption aes
Cryptochecksum:b001e526a239af2c73fa56f3ca7667ea
: end
COL-ASA-01#
Here is some capture done on the inside interface which may help too, I tried pointing the gateway to inside interface on the target device but I think this was a switch without ip route available on it I believe that is still sending packet back to Cisco inside interface
COL-ASA-01# sho cap test | in 192.168.200
25: 23:45:55.570618 192.168.200.1 > 192.9.200.190: icmp: echo request
29: 23:45:56.582794 192.168.200.1.137 > 192.9.200.164.137: udp 68
38: 23:45:58.081050 192.168.200.1.137 > 192.9.200.164.137: udp 68
56: 23:45:59.583176 192.168.200.1.137 > 192.9.200.164.137: udp 68
69: 23:46:00.573517 192.168.200.1 > 192.9.200.190: icmp: echo request
98: 23:46:05.578110 192.168.200.1 > 192.9.200.190: icmp: echo request
99: 23:46:05.590057 192.168.200.1.137 > 192.9.200.164.137: udp 68
108: 23:46:07.092310 192.168.200.1.137 > 192.9.200.164.137: udp 68
115: 23:46:08.592468 192.168.200.1.137 > 192.9.200.164.137: udp 68
116: 23:46:10.580795 192.168.200.1 > 192.9.200.190: icmp: echo request
COL-ASA-01#
Any help or pointers greatly appreciated, I am doing this config after a long gap on Cisco last time I was working it was all PIX so just need some expert eyes to let me know if I am missing something.
And Yes I do not have a Host in Inside network to test against, all I have is a switch which cannot route and ip default gateway is not helping too...

Hi,
The first thing you should do to avoid problems is to change the VPN Pool to something else than the current LAN network as they are not really directly connected in the same network segment.
You could try the following changes
tunnel-group RAVPN general-attributes
no address-pool RAVPN
no ip local pool RAVPN 192.168.200.1-192.168.200.254 mask 255.255.255.0
ip local pool RAVPN 192.168.201.1-192.168.201.254 mask 255.255.255.0
tunnel-group RAVPN general-attributes
address-pool RAVPN
no nat (any,inside) source static NETWORK_OBJ_192.168.200.0_24 NETWORK_OBJ_192.168.200.0_24 destination static NETWORK_OBJ_192.9.200.0_24 NETWORK_OBJ_192.9.200.0_24
In the above you first remove the VPN Pool from the "tunnel-group" and then remove and recreate the VPN Pool with another network and then insert it back to the same "tunnel-group". Nex you remove the current NAT configuration.
object network LAN
subnet 192.168.200.0 255.255.255.0
object network VPN-POOL
subnet 192.168.201.0 255.255.255.0
nat (inside,outside) 1 source static LAN LAN destination static VPN-POOL VPN-POOL
The above NAT configurations adds the correct NAT0 configuration for the changed VPN Pool. It also inserts the NAT rule to the very top before the Dynamic PAT rule you currently have. It is also one of the problems with the configurations as it will override your current NAT configurations.
You have your Dynamic PAT rule at the very top of your NAT rules currently which is not a good idea. If you wish to change it to something else that wont override the other NAT configurations in the future you can do the following change.
no nat (inside,outside) source dynamic any interface
nat (inside,outside) after-auto source dynamic any interface
NOTICE! Changing the above Dynamic PAT configuration will temporarily terminate all connections for users from the LAN as you reconfigure the Dynamic PAT rule. So if you do this change make sure that its ok to cause still small cut in the current connections of internal users
Hope this helps
Let me know if it works for you
- Jouni

Remotely accessing the office network connected to E1000

Similar Messages

Maybe you are looking for