RV042 VPN and firewall?

Hi,
I have RV042s here that connect networks via IPSEC tunnels. I'd like to use the RV042 firewall to control in- and outbound network traffic to a subnet. But it seems that I cannot apply firewall rules to traffic that comes in via the VPN tunnel (IPSEC1 interface)? Is this a known limitation? Are there any workarounds? Or am I doing something wrong?
Thanks,
David

David,
RV042 Access Rules cannot be applied to VPN traffic. This router assumes the remote subnet is fully trusted. This is a common limitation in the small business routers.

Similar Messages

  • Best option for VPN and Firewall..

    I am replacing my Watchguard Firebox 700 Firewall/VPN with a Cisco box. I am trying to determine what would be the best model for my environment.
    20 person company.. The only need would be for 1 or 2 different offices to connect via VPN and also our users to connect via VPN. So my needs are for firewall and VPN.. What model would you recommend?
    Thank you

    Hi,
    I would suggest ASA 5505. Take a look at the link below.
    http://www.cisco.com/en/US/products/ps6120/prod_models_comparison.html
    Rate it, if it helps.
    Thanks
    Gilbert

  • VPN and Firewall

    So I have kind of a different setup going here. I have an ISA Server 2006 at the front with a 2821 behind doing my internal routing and connecting to my voice provider and then to my CallManager. I am trying to setup the router to allow VPN connections through EasyVPN. Anyone ever try to allow EasyVPN connections through an ISA Firewall or a firewall period to a router behind it? Any ideas?

    See the below link as a general guide:-
    http://www.cisco.com/en/US/products/sw/secursw/ps5318/products_configuration_example09186a00806ad10e.shtml
    All you have to allow thru the ISA server is:-
    UDP 500 - ISAKMP
    Protocol 50 - ESP and 51 - AH (if used)
    If you require NAT-T then you also have to allow UDP 4500
    HTH

  • Access to VPN and Skype from behind work's firewall

    I'm running a Powerbook G4 with OS 10.4.11. At work I have a very fast ethernet connection perfect for internet and Work (Exchange) email, however I can't seem to access my Uni email account, VPN or several other services, notably Skype or iChat (as I work away from my kids during the week this is vitally important). I can ping the server for the VPN and both sets of IT boffins assure me that all appropriate ports are open. I can access the VPN through PCs and I am at the moment broadcasting the internet through my Airport to a PC based laptop which is running Skype quite happily. I can go to a local pub/coffee shop and access all of the services through a WiFi/Airport Network, and I have access to all these services when I'm at home (again through WiFi). What am I doing wrong? Any help would be greatly appreciated
    D

    Hi,
    yes, the split into three subnets did help. I now can see the routers also from the LAN which solves Problem A)
    Regarding the access from WAN1 to WAN2 the background is a long story about different flatrates from Provider A and B. To keep it short: DSL is stable but very slow during some hours of the day and attached to WAN2, LTE (4G) is fast but not stable (at least 2-3 hiccups per day). Therefore I need the RV042 to keep the LAN clients always online as I need it for my job. The telephone is another issue. The fritzboxes do allow VOIP over their own Internet connection but also using another Fritzbox is possible. I have my telephones connected to the DSL Box (WAN2 = 192.168.179 now) and I have a flatrate for calls to cell phones with my 4G provider (WAN1 = 192.168.178 now). As the 4G keeps failing from time to time it is very annoying when it happens during a telco (and we all know Murphy's law). So the idea is to have the telephones attached to the stable (WAN2) DSL Box and reroute it for calls to cell phones via WAN1 (which is a feature of the boxes and worked perfectly). If the 4G fails the DSL Box uses its own Internet connection to make the call (but then I have to pay for it).
    So I need access from WAN2 (192.168.179) to WAN1 (192.168.178). I tried a static route in the WAN2 Box but it didn't work (I've used the RV042 WAN interface IP: 192.168.179.100 as Gateway).
    Kind regards
    Klaus

  • RV042 VPN Client Access not able to connect two users at same time

    I have a RV042 and have set it up for VPN Client access using the QuickVPN client to connect my remote users. I discovered today that I cannot have two users connect in at the same time. Both users are in the same remote office. They can connect individually with no problem but if one is connected and the other tries connect also the second user gets a message the gateway is not responding. They are both running WinXPPRo SP3. Any help is greatly appreciated.

    Were your QuickVPN clients behind a firewall router of some sort? For multiple QuickVPN clients to be able to connect to the remote RV042 at the same time, the local firewall router must have VPN Passthrough correctly implemented. You could try using a RV042 as the firewall router for your QuickVPN clients and you should be able to maintain 2 tunnels at the same time to the remote RV042.

  • Need Help Setup Cisco RV042 vpn

    good day everyone, a month ago my boss purchase 4 pcs cisco rv042 vpn to be used in our small office and to our satellite office, with expectations of simple file sharing and remote troubleshooting and for better and safe data transfer. since the task is given to me as an IT staff it is difficult to me to setup this vpn router since i have a little idea and many question are on my mind that need to be answered, i read the manual test the vpn router but still no good answered found. i know it is difficult but with proper guide and step by step on how to use this one i can make it work. please anyone help me i need answers to this questions.
    i am using windows 7 pro sp1 64bit for my test unit, how can i make a vpn server? a client?
    in the past i connect the internet connection in the internet connection port in the back of the router, then another cable from vpn port 1-4 i select #4 port to connect to my pc, since the vpn give the ip on my pc i can easily connect to the firmware of the vpn using the default username and password. when i go to the firmware i don't know where to start, and i don't even have the internet connection for my pc.
    i feel sorry for myself because i have no idea in this kind of thing, CISCO people and others out there i am calling for your help.
    thank you in advance
    mel

    Dear Emilio,
    Thank you for reaching Cisco Small Business Support Community.
    If you’d like to setup a Site to Site VPN on your RV042 here is a good step by step guide;
    http://sbkb.cisco.com/CiscoSB/Loginr.aspx?login=1&pid=2&app=search&vw=1&articleid=304
    If you are looking into a remote access VPN, QuickVPN, here is the step by step procedure;
    http://sbkb.cisco.com/CiscoSB/Loginr.aspx?login=1&pid=2&app=search&vw=1&articleid=452
    Just in case here is also a document with Windows operating systems tips;
    http://sbkb.cisco.com/CiscoSB/Loginr.aspx?login=1&pid=2&app=search&vw=1&articleid=2922
    Finally here is a link with the Admin Guide where starting on page 122 you can find everything related to VPN setup on this particular device model, beside info in how to setup your internal network (I suggest you to go through this admin guide so you know everything about the router);
    http://www.cisco.com/en/US/docs/routers/csbr/rv0xx/administration/guide/rv0xx_AG_78-19576.pdf
    Please let me know if there is any further assistance we may assist you with.
    Kind regards,
    Jeffrey Rodriguez S. .:|:.:|:.
    Cisco Customer Support Engineer
    *Please rate the Post so other will know when an answer has been found.

  • Cisco RV042 VPN unable to connect to Netgear PS FVS318

    Hello,
    We recently replaced one of two Netgear ProSafe VPN FVS318 with a Cisco RV042 VPN. Both Netgear were configured site-site and was working fine until one of them failed. We copied as much configuration settings from the failed Netgear PS to the RV042 but were unsuccessful in establishing a connection between the two sites.
    The logs on the Cisco router shows this:
    VPN Log packet from 1.1.1.1:500: received Vendor ID payload [RFC 3947]  
    VPN Log packet from 1.1.1.1:500: ignoring Vendor ID payload [439b59f8ba676c4c7737ae22eab8f582]  
    VPN Log packet from 1.1.1.1:500: ignoring Vendor ID payload [439b59f8ba676c4c7737ae22eab8f582]  
    VPN Log packet from 1.1.1.1:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]  
    VPN Log packet from 1.1.1.1:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]  
    VPN Log packet from 1.1.1.1:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]  
    VPN Log packet from 1.1.1.1:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]  
    VPN Log packet from 1.1.1.1:500: [Tunnel Negotiation Info] <<< Responder Received Main Mode 1st packet  
    VPN Log packet from 1.1.1.1:500: [Tunnel Negotiation Info] <<< Responder Received Main Mode 1st packet  
    VPN Log packet from 1.1.1.1:500: initial Main Mode message received on 2.2.2.2:500 but no connection has been authorized with policy=PSK  
    Each time we select a tunnel test connect, that last message appears with "but no connection has been authorized with policy=PSK"
    *replaced actual IP with sample IP.
    Any ideas why this is happening?
    Thank you!

    Hello,
    It looks as if the RV042 receives the phase 1 configuration from the Netgear, but due to a mismatch with its phase 1 settings it does not reply back.
    I can't be more specific as this could be anything in phase 1 - aggressive/main mode; the WAN IP addresses, encryption or SA lifetime. As well if any of the devices is behind NAT, the option NAT traversal should be checked.
    Regards,
    Kremena

  • VPN and intergrated email service.

    I am wondering if anyone can aid me...
    Set up VPN on z10, works through browser but cannot connect to email server thru add email account settings. Tested hotspot with laptop and outlook which works fine.
    Carriers ip address is blocked which is why I set up vpn, is there any way to run the integrated email thru vpn?
    Forgive me if the terminology isn't correct but I'm not a networking guru.
    Thanks

    Hi!
    I have 2 VPN, they are home & business, and I can send and receive e-mails through both tunnels, same without VPN as well. So problem lies somewhere at another place
    Try to use e-mail without VPN and if you can, the problem is in VPN settings, if not, then something is wrong with your e-mail account settings.
    If problem is with VPN, then something wrong is with server firewall or ports forwarding most probably.
    While You aren't network guru, I suggest to talk with e-mail tech support or VPN tech support according which case You have

  • Two RV042 VPN setup

    We are a small business in Indiana and have someone in Idaho connected to us via VPN that does freelance graphic design for us.  She is currently connected to us via a VPN on two Linksys WRV54g routers but our connection is dropped constantly.  I have read online this seems to be a problem so I have purchased 2 RV042 routers to do this since people seem to be much happier with them.  Is there some documentation that will walk me through setting this up?  I will probably want to set them up to be the internet router for the two locations as well (right now in Indiana we have a separate router for that purpose).  We would like to see each other both ways.  She also uses our server as her DNS server since she is in our domain.  Does this make sense?  I know enough to get myself in trouble on this!  Thanks

    There are two ways to do this. One is Gateway to Gateway. This uses two RV042 Routers, preferably with static or reserved IP addresses on both ends.
    The second is Client to Gateway. This uses one RV042 Router and the built in Microsoft VPN Client. This requires one static or reserved IP on your end. Best way to test this is build it between two internet connections like work and home or if you have two internet connections at work.
    If you choose VPN Gateway to Gateway
    add a new tunnel
    give the tunnel a name like "business name city name"
    choose the LAN port to use WAN1
    next is local group setup.
    I use IP Only
    the router WAN ip address is there and greyed out. take note of this IP
    Local Security Group Type SUBNET
    enter your internal IP segment. (if you are using 192.168.1.1 then enter 192.168.1.0)
    enter subnet 255.255.255.0
    Remote group setup is next.
    again IP only
    enter Her WAN IP address
    Choose Subnet
    then enter her internal IP segment. note it has to be different than yours. (if you are using 192.168.2.1 enter 192.168.2.0)
    Ike with preshared
    Group 1
    DES
    MD5
    28800 and so on
    Enter the pre shared key and take note of it
    Look at page 36 http://www.cisco.com/en/US/docs/routers/csbr/rv042/admin/guide/RV042_V10_UG_C-WEB.pdf
    Now do the same thing on the other router, just reverse the local and remote security groups. It is important that the two routers are on different IP segments.
    if you have any question just ask.
    Peter Labelle
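
Kremena's reply further up lists the settings that have to agree between two gateways, and the walkthrough above picks Group 1, DES and MD5, which are obsolete choices for a new tunnel. The following Python check is an added example, not part of either post or of any Cisco tool: it compares two constructed gateway configurations for mismatches and flags those weak settings; the dictionary field names, the key and the 198.51.100.x / 203.0.113.x addresses are assumptions.

```python
import ipaddress

# Settings that have to be identical on both gateways.
MATCH_FIELDS = ("mode", "encryption", "hash", "dh_group", "lifetime", "psk")

# Choices considered obsolete for new tunnels (DES, MD5, 768-bit DH group 1).
WEAK = {"encryption": {"DES"}, "hash": {"MD5"}, "dh_group": {1}}


def compare_peers(a, b):
    """Return the reasons why gateways a and b would not agree on a tunnel."""
    findings = []
    for field in MATCH_FIELDS:
        if a[field] != b[field]:
            # Never echo the pre-shared key itself into a report.
            detail = "values differ" if field == "psk" else f"{a[field]} vs {b[field]}"
            findings.append(f"mismatch {field}: {detail}")
    for near, far in ((a, b), (b, a)):
        # Each side's remote gateway must be the other side's WAN address.
        if near["remote_gw"] != far["wan_ip"]:
            findings.append(f"{near['name']}: remote gateway {near['remote_gw']} "
                            f"is not {far['name']}'s WAN IP {far['wan_ip']}")
        # Local and remote security groups must be mirrored.
        if near["remote_subnet"] != far["local_subnet"]:
            findings.append(f"{near['name']}: remote group {near['remote_subnet']} "
                            f"is not {far['name']}'s local group {far['local_subnet']}")
        # A gateway behind NAT needs NAT traversal enabled on both ends.
        if near["behind_nat"] and not (near["nat_t"] and far["nat_t"]):
            findings.append(f"{near['name']} is behind NAT but NAT-T is not on at both ends")
    if ipaddress.ip_network(a["local_subnet"]).overlaps(
            ipaddress.ip_network(b["local_subnet"])):
        findings.append("local subnets overlap; each site needs its own IP segment")
    return findings


def weak_settings(cfg):
    """Return the settings of one gateway that use an obsolete algorithm."""
    return sorted(f"{field}={cfg[field]}"
                  for field, bad in WEAK.items() if cfg[field] in bad)


# Constructed sample configurations using the values from the walkthrough above.
INDIANA = {
    "name": "indiana", "wan_ip": "198.51.100.10", "remote_gw": "203.0.113.20",
    "local_subnet": "192.168.1.0/24", "remote_subnet": "192.168.2.0/24",
    "mode": "main", "encryption": "DES", "hash": "MD5", "dh_group": 1,
    "lifetime": 28800, "psk": "constructed-example-key",
    "behind_nat": False, "nat_t": False,
}
IDAHO = dict(INDIANA, name="idaho", wan_ip="203.0.113.20",
             remote_gw="198.51.100.10", local_subnet="192.168.2.0/24",
             remote_subnet="192.168.1.0/24")
# Same peer with two deliberate errors: different cipher, wrong remote gateway.
IDAHO_BROKEN = dict(IDAHO, encryption="3DES", remote_gw="198.51.100.99")

if __name__ == "__main__":
    for peer in (IDAHO, IDAHO_BROKEN):
        print(peer["remote_gw"], compare_peers(INDIANA, peer) or "settings agree")
    print("weak:", weak_settings(INDIANA))
```
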

  • VPN and what can I expect to see?

    When I establish a VPN connection to a Snow Leopard Server will I be able to see or use applications from other servers on the same network?
    Or do I only get to use what is on the Server I connected to?
    And the only way I have found of using anything on the Snow Leopard Server is connecting to it with Apple remote desktop? Is that it or am I missing something?
    I can connect to a server with VPN and I have all data routed through VPN ad I can not browse for server and see anything?
    I have a functioning VPN into my newest Snow Leopard Server but I would love to use data from the Leopard Server that sits next door. I am able to install client software on the Snow Leopard Server and start it up and have it connect to my database but I am hoping to bring 2 or 3 remote users into the network simultaneously and have them use the database on the Leopard Server?
    Does Apple have a VPN setup guide anywhere?
    Thanks group.

    The Airport and Time Capsule are good home routers, and good WiFi devices.
    They're also configurable as good access points, which is handy if you're running multiple WiFi devices to get coverage in a larger area.
    The devices are not particularly capable firewalls for use with servers; that's not their target market.
    Specific device suggestions? I've worked with various stuff over the years, and I generally end up either following the client's gear preferences, or running some research based on the bandwidth and expectations and features for the installation. And the budget; for a bigger budget, you can often get better features or easier integration. And the products and offerings and features change regularly in this market; each time I do this, I find different gear.
    Here's the general path...
    There are commercial and open-source options available.
    The open-source packages can generally convert a two-controller spare PC into a firewall, and most (all?) can operate with a selection of embedded x86 boxes.
    In general, I look for support of VPN (L2TP and PPTP minimally, other protocols if and as available), look for explicit listings of Linux and Mac OS X details in the manuals (not because you're going to necessarily use Linux or any particular operating system here, but because the vendor went to the effort to test with a variety of platforms), and I look for a vender that does not require downloading a VPN client, for NAT, reasonably programmable port-forwarding, and possibly (as additional features, or as specific requirements) DMZ, RADIUS, anti-malware and anti-spam mechanisms.
    Oh, and download and read the product manual before you buy the box. See if it makes any sense. (I've found this step invaluable for reducing the numbers of candidate boxes I need to evaluate.)

  • VPN and Internet Connection Sharing? (bridging remote networks)

    I'd like to try an experiment and some advice from this list will be useful.
    +Summary: Can a Mac with two interfaces activate VPN and Internet sharing simultaneously to bridge two remote networks?+
    I've created a PPTP VPN server on our XServe at work and opened the appropriate ports on our firewall. This and a second location are linked with standard (but fast) ADSL broadband. I can log in from both Mac and Windows VPN clients at an external location and indeed the experience is just like being at work- printers, file servers and other resources (eg networked Filemaker databases) are all visible. Yay.
    Question: Is it possible to extend this concept further by logging onto our VPN with once interface (eg Airport) +and then+ enabling Internet Sharing through the second interface (eg Ethernet)? Will this allow a small network connected through the second interface to all behave as though they are on the work network, with transparent access to fileservers, printers and so on, without each bothering individually with VPNs and so on? I suspect there are physical boxes that will do this, but it would be wonderful to know if I can get a Mac with two NICs to do the same job, acting as a router between the two networks. Are there any limitations to this? I am happy to tweak under the hood if need be. I just need to know if this is possible, even in theory, and what the limitations might be.
    Thanks.

    Hey Nathan...
    My VPN is down at the moment, but I think you're going to have to manually configure all of the "clients" who are sharing the VPN to an IP range that your office uses. When you connect to your VPN, check your network prefs, and you'll see the IP addresses assigned to your VPN are similar to your network at the office. So, in a way, your sharing computer has 2 IP addresses... one from your modem or router at home, and one from the VPN server at the office. It's this 2nd IP address that allows you to appear to be on the network at the office.
    So, if you can find a way to set up your shared clients the same way.... it might work. It will also be VERY helpful if your IP range at home is different from the IP range at the office....192.168... for one...and 10.0.0 for the other. (Whether traffic will pass thru your "sharing server" is a different matter altogether.)
    Now, and I'm really guessing here.. if this works at all... you may be only able to access stuff from the office on your "shared clients" (ie no internet).... the way around that is to set up your VPN to allow VPN clients to pull stuff from the internet from the office thru the VPN... and for the life of me don't remember how that is done. But it will most likely be a bit slow.
    I'd start with the basics... setup one client with a manual IP address/router/dns servers, and try to ping a computer at the office. If this works... at least part of your problem is solved.
    With all that said... it may not work at all. Good Luck!

  • Controling iOS Ports and URLs Via VPN and UTM

    I'm new to actual Network Security. My dad's worked network security, I've taken Security and programing classes. But in short, I have no real money and I'm too busy living the college life (Homework tell you're hired 3 years from now.) My goal this winter is to set up a UTM in the house. I'll probably go with Astaro. If not, WS2008 is my next choice. It's a bit harder on resources, to my experience, but I'm still new, so studying is required.
    My ultimate goal is to lock down my network. No uncleared Ports or URLs. I've learned with ZoneAlarm how much I love manual control of my network and thus the applications within it. I'm not a pirate, but I don't like programs validating. It seems insulting for my computer not to trust its creator. So I block that. My goal is to lock down my more portable systems and reroute them back into the LAN via VPN and block outgoing and incoming ports and URLs from the UTM here.
    I realized that I can apply this technique to the iOSs as well, in theory. I'm here to ask for help with this.
    My questions:
    1. Can you forward ALL networked data to and through the VPNed Network without a single leak?
    2. Has anyone tried this and what problems have you had? (Exp: some apps might not like this. I can't imagine them wasting the processor power to check for this, but it's happened with countless PC programs)
    3. In regards to question number two's tangent, I'm making a special goal to block the new iAd Urls. I'm assuming they use the commonly open port 80. they don't want people to be without ads at school.
    Has anyone seen a problem with this?
    thank you in advance. I want to publish my findings in an easy How To Manual later. Sharing is caring. haha.

    Smith Comma John wrote:
    I was asking if anyone had actually tested the IOS for leaks. either Apple making a backdoor for their sake, or one of the apps exploiting a fault somewhere.
    Given the intense scrutiny that Apple is under, I doubt either scenario is a possibility.
    What I really meant to ask was "has anyone had problems with the apps not liking URL/Port limitations forced upon them". With ZoneAlarm, you can do exactly this and all of the programs I've used cannot access the internet without consent from the user. If blocked, they end up thinking that they're off line, but Crysis, for example will not install unless it gets an authentication check from crytec's server. You cannot install it without internet access (Assuming no workarounds/spoofing is used). Has anyone had problems with the applications after firewalling their ipad in a similar fashion.
    On a Mac, people use Little Snitch for this. It is very handy to make sure SPAM in your inbox doesn't phone home if you accidentally open it.
    Because all such tools are system-level, you aren't going to run them on iOS. What you can do is run DD-WRT on your router. You could control and log all inbound and outbound traffic. It is essentially a port of Linux for your router. I used it for many years until I got a Time Capsule. As far as routers go, my ancient Buffalo router with DD-WRT was significantly better than the Apple Time Capsule. My iPad works great with it. I expect DD-WRT would be able to keep you suitably entertained.
    Frankly I'm not too happy with apple right now. Tyranny comes to mind.
    Don't believe what you read on the internet, especially if Apple is the subject.

  • IpSec VPN and NAT don't work together on HP MSR 20 20

    Hi People,
    I'm getting several issues, let me explain:
    I have a Router HP MSR with 2 ethernet interfaces, Eth 0/0 - WAN (186.177.159.98) and Eth 0/1 LAN (192.168.100.0 /24). I have configured a VPN site to site thru the internet, and it works really well. The other site has the subnet 10.10.10.0 and I can reach the network thru the VPN Ipsec. The issue is that the network 192.168.100.0 /24 needs to reach internet with the same public address, so I have set a basic NAT configuration, when I put the nat configuration into Eth 0/0 all network 192.168.100.0 can go to internet, but the VPN goes down, when I remove the NAT from Eth 0/0 the VPN goes Up, but the network 192.168.100.0 Can't go to internet.
    I'm missing something but I don't know what it is! See below the configuration.
    Can anyone help me with that, I need to send the traffic with target 10.10.10.0 thru the VPN, and all other traffic to internet, Basically I need that NAT and VPN work fine at same time.
    Note: I just have only One public Ip address.
    version 5.20, Release 2207P41, Standard
    sysname HP
    nat address-group 1 186.177.159.93 186.177.159.93
    domain default enable system
    dns proxy enable
    telnet server enable
    dar p2p signature-file cfa0:/p2p_default.mtd
    port-security enable
    acl number 2001
    rule 0 permit source 192.168.100.0 0.0.0.255
    rule 5 deny
    acl number 3000
    rule 0 permit ip source 192.168.100.0 0.0.0.255 destination 10.10.10.0 0.0.0.255
    vlan 1
    domain system
    access-limit disable
    state active
    idle-cut disable
    self-service-url disable
    ike proposal 1
    encryption-algorithm 3des-cbc
    dh group2
    ike proposal 10
    encryption-algorithm 3des-cbc
    dh group2
    ike peer vpn-test
    proposal 1
    pre-shared-key cipher wrWR2LZofLx6g26QyYjqBQ==
    remote-address <Public Ip from VPN Peer>
    local-address 186.177.159.93
    nat traversal
    ipsec proposal vpn-test
    esp authentication-algorithm sha1
    esp encryption-algorithm 3des
    ipsec policy vpntest 30 isakmp
    connection-name vpntest.30
    security acl 3000
    pfs dh-group2
    ike-peer vpn-test
    proposal vpn-test
    dhcp server ip-pool vlan1 extended
    network mask 255.255.255.0
    user-group system
    group-attribute allow-guest
    local-user admin
    password cipher .]@USE=B,53Q=^Q`MAF4<1!!
    authorization-attribute level 3
    service-type telnet
    service-type web
    cwmp
    undo cwmp enable
    interface Aux0
    async mode flow
    link-protocol ppp
    interface Cellular0/0
    async mode protocol
    link-protocol ppp
    interface Ethernet0/0
    port link-mode route
    nat outbound 2001 address-group 1
    nat server 1 protocol tcp global current-interface 3389 inside 192.168.100.20 3389
    ip address dhcp-alloc
    ipsec policy vpntest
    interface Ethernet0/1
    port link-mode route
    ip address 192.168.100.1 255.255.255.0
    interface NULL0
    interface Vlan-interface1
    undo dhcp select server global-pool
    dhcp server apply ip-pool vlan1

    ewaller wrote:
    What is under the switches tab?
    Oh -- By the way, that picture is over the size limit defined in the forum rules in terms of pixels, but the file size is okay. I'll let it slide. Watch the bumping as well.
    If you want to post the switches tab, upload it to someplace like http://img3.imageshack.us/, copy the thumbnail (which has the link to the original)  back here, and you are golden.
    I had a bear of a time getting the microphone working on my HP DV4, but it does work.  I'll look at the set up when I get home tonight [USA-PDT].
    Sorry for the picture and the "bumping"... I have asked in irc in arch and alsa channels and no luck yet... one guy from alsa said I had to wait for the alsa-driver-1.0.24 package (currently I have alsa-driver-1.0.23) but it is weird because the microphone worked some months ago...
    So here is what it is under the switches tab

  • Cisco ASA Site to Site IPSEC VPN and NAT question

    Hi Folks,
    I have a question regarding both Site to Site IPSEC VPN and NAT. Basically what I want to achieve is to do the following:
    ASA2 is at HQ and ASA1 is a remote site. I have no problem setting up a static Site to Site IPSEC VPN between sites. Hosts residing at 10.1.0.0/16 are able to communicate with hosts at 192.168.1.0/24, but what I want is to setup NAT with IPSEC VPN so that host at 10.1.0.0/16 will communicate with hosts at 192.168.1.0/24 with translated addresses
    Just an example:
    Host N2 (10.1.0.1/16) will communicate with host N1 192.168.1.5 with destination lets say 10.23.1.5 not 192.168.1.5 (Notice the last octet should be the same in this case .5)
    The same translation for the rest of the communication (Host N2 pings host N3 destination ip 10.23.1.6 not 192.168.1.6. again last octet is the same)
    It sounds a bit confusing for me but I have seen this type of setup before when I worked for managed service provider where we had connection to our clients (Site to Site Ipsec VPN with NAT, not sure how it was setup)
    Basically we were communicating with client hosts over site to site VPN but their real addresses were hidden and we were using translated address as mentioned above 10.23.1.0/24 instead of (real) 192.168.1.0/24, last octet should be the same.
    Appreciate if someone can shed some light on it.

    Hi,
    Ok so we're going with the older NAT configuration format
    To me it seems you could do the following:
    Configure the ASA1 with Static Policy NAT 
    access-list L2LVPN-POLICYNAT permit ip 192.168.1.0 255.255.255.0 10.1.0.0 255.255.0.0
    static (inside,outside) 10.23.1.0 access-list L2LVPN-POLICYNAT
    Because the above is a Static Policy NAT it means that the translation will only be done when the destination network is 10.1.0.0/16
    If you for example have a basic PAT configuration for inside -> outside traffic, the above NAT configuration and the actual PAT configuration won't interfere with each other
    On ASA2 side you can normally configure NAT0 / NAT Exemption for the 10.1.0.0/16 network 
    access-list INSIDE-NONAT remark L2LVPN NONAT
    access-list INSIDE-NONAT permit ip 10.1.0.0 255.255.0.0 10.23.1.0 255.255.255.0
    nat (inside) 0 access-list INSIDE-NONAT
    You will have to take into consideration that your access-list defining the L2L-VPN encrypted traffic must reflect the new NAT network 
    ASA1: access-list L2LVPN-ENCRYPTIONDOMAIN permit ip 10.23.1.0 255.255.255.0 10.1.0.0 255.255.0.0
    ASA2: access-list L2LVPN-ENCRYPTIONDOMAIN permit ip 10.1.0.0 255.255.0.0 10.23.1.0 255.255.255.0
    I could test this setup tomorrow at work but let me know if it works out.
    Please rate if it was helpful
    - Jouni
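
Jouni's note that the encryption-domain access list must use the translated network follows from source NAT being applied before the IPsec ACL is checked, and the symptom in the HP MSR post above (tunnel down as soon as NAT is enabled) is consistent with the same ordering. The Python model below is an added example, not code from either post: it assumes that ordering and first-match NAT rules, uses the networks from both posts' ACLs, and the `exempt` rule and the 203.0.113.1 / 198.51.100.7 addresses are constructed for illustration.

```python
import ipaddress as ip


def net(cidr):
    return ip.ip_network(cidr)


def translate(src, dst, rule):
    """Return the post-NAT source address, or None if the rule does not apply."""
    s, d = ip.ip_address(src), ip.ip_address(dst)
    if s not in net(rule["src"]) or d not in net(rule.get("dst", "0.0.0.0/0")):
        return None
    if rule["action"] == "exempt":      # matched, but left untranslated
        return src
    if rule["action"] == "pat":         # many-to-one, single public address
        return rule["to"]
    # "static": network-to-network, the host part (last octet here) is kept
    offset = int(s) - int(net(rule["src"]).network_address)
    return str(net(rule["to"]).network_address + offset)


def outbound(src, dst, nat_rules, crypto_acl):
    """Apply the first matching NAT rule, then test the IPsec (crypto) ACL.

    Returns (source address on the wire, "tunnel" or "clear").
    """
    for rule in nat_rules:
        mapped = translate(src, dst, rule)
        if mapped is not None:
            src = mapped
            break
    acl_src, acl_dst = crypto_acl
    hit = ip.ip_address(src) in net(acl_src) and ip.ip_address(dst) in net(acl_dst)
    return src, ("tunnel" if hit else "clear")


# ASA1 from the answer above: static policy NAT towards 10.1.0.0/16,
# plus a constructed PAT rule for ordinary internet traffic.
ASA1_NAT = [
    {"action": "static", "src": "192.168.1.0/24", "dst": "10.1.0.0/16",
     "to": "10.23.1.0/24"},
    {"action": "pat", "src": "192.168.1.0/24", "to": "203.0.113.1"},
]
ACL_REAL = ("192.168.1.0/24", "10.1.0.0/16")      # pre-NAT network: never matches
ACL_TRANSLATED = ("10.23.1.0/24", "10.1.0.0/16")  # what the answer configures

# HP MSR post: ACL 2001 feeds "nat outbound", ACL 3000 is the IPsec ACL.
HP_NAT = [{"action": "pat", "src": "192.168.100.0/24", "to": "186.177.159.93"}]
HP_ACL_3000 = ("192.168.100.0/24", "10.10.10.0/24")
# Constructed variant: skip NAT for traffic headed to the remote VPN subnet.
HP_NAT_EXEMPT = [{"action": "exempt", "src": "192.168.100.0/24",
                  "dst": "10.10.10.0/24"}] + HP_NAT

if __name__ == "__main__":
    print(outbound("192.168.1.5", "10.1.0.1", ASA1_NAT, ACL_REAL))
    print(outbound("192.168.1.5", "10.1.0.1", ASA1_NAT, ACL_TRANSLATED))
    print(outbound("192.168.1.6", "198.51.100.7", ASA1_NAT, ACL_TRANSLATED))
    print(outbound("192.168.100.20", "10.10.10.5", HP_NAT, HP_ACL_3000))
    print(outbound("192.168.100.20", "10.10.10.5", HP_NAT_EXEMPT, HP_ACL_3000))
```
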

  • Works windows mobile with SSL VPN and anyconnect

    Hello,
    does anyone know if the following OS works with ASA 8.x SSL VPN client, SSL clientless VPN and anyconnect client and Secure Desktop:
    windows mobile 5.0 Premium phone edition
    windows mobile 6.0
    windows embedded CE,Net
    windows mobile 2003
    Thank you for your help
    Michael
