Want to allow port VPN client from Peplink to cisco ASA?


#1

Dear All,

I would like all of you to help me. now i have some issue on allow port VPN from outside to inside.
let me tell you that, i have peplink 5800 for wan connection and i have firewall cisco ASA 5510, so i do VPN client on ASA 5510, on configuration on ASA 5510 vpn client is working but when i we connect to peplink client from outside cannot connect vpn to ASA 5510 i think peplink block port vpn client and i try to allow port udp 4500, udp 10000 and udp 500 on peplink ->Firewalll-> access rules ->Inbound Firewall but it still cannot access vpn clinet access throught peplink 5800.
Do you hvae idear on this issue?

best regards,
Rechard


#2

Hi rechard_david,

It appears that what we are dealing with is just passing through the IPSec information rather than using the Balance as the termination point?

If so, you would need to lock down the IPsec traffic to the particular WAN it needs to use under Network > Misc. Settings >
Service Passthrough > IPsec NAT-T. Go ahead and checkmark the “Route IPsec Site-to-Site VPN” option and select the particular WAN. Save and apply changes and test again. Normally, to pass along IPsec traffic, we do need to
tie it to the particular WAN here to make sure that things route properly.

I hope that helps, let us know if there is something else to go over or if we need to clarify further.


#3

Dear Jason ,

Nice to hear from you!

Yes, i try to use this option but it still cannot login passthrough.and i also try to allow port from outside to inside ( on Peplink) ports DUP 4500,UDP10000 and UDP 500, if i take out peplink and connect direct wan connnect into ASA so i can loggin VPN from outside. on Pep link i did not see any log when VPN clinet try to request it. Could you help to how can i do next?

My firmware : 5.2.2

Please kindly see in the attach file.

Best Regards,
rechard


#4

Dear All,

Do you have any update?

Best Regards,
Rechard


#5

The first thing I am going to do is upgrade to the latest firmware from 5.2.2.

The latest firmware is 5.3.12 and we could do a online firmware upgrade on the web admin page with ease. If this is related to some issues we have addressed since then, firmware 5.3.12 will be the solution right away.

If this persists however on firmware 5.3.12 we will be needing a diagnostic report for advance diagnostic. You can download it following the instructions at http://www.peplink.com/index.php?view=faq&id=31&path=20 and send it to our support team via our support ticket system at http://www.peplink.com/contact/support/