ASA SSL VPN Client

gbarden · ‎03-02-2007

I have just installed an ASA 5520 and am trying to implement SSL VPN. I have configured the appliance according to Cisco's documentation. I am able to get the SSL SVC VPN connection to connect but once connected I am not able to connect to any devices on my local network. Any help would be appreciated. Thanks Gene

ggilbert · ‎03-02-2007

Gene - Here are something you want to look into.

What is the IP pool you are assigning the SVC clients to?

What is the internal network you are trying to access to?

For Eg:

Lets say your internal network is 10.10.10.x/24

and the IP address pool you are assigning is 192.168.10.x/24 for the SVC clients,

you would need a NAT exemption ACL.

Do "sh run nat" on the ASA, see if there is any statement like

nat (inside) 0 access-list

If not, using my example, create an access-list like this...

access-list 100 per ip 10.10.10.0 255.255.255.0 192.168.10.0 255.255.255.0

nat (inside) 0 access-l 100

After that, use the SVC client and see if it works.

Rate this post, if it helps!!

Cheers

Gilbert

gbarden · ‎03-03-2007

I had already done this but it still doesn't work. Thanks for the info though.

jmia · ‎03-04-2007

Gene,

Take a look here:

http://www.ciscotaccc.com/kaidara-advisor/security/showcase?case=K52957940

The above is a TAC case post, have used it and works well for me!

Hope it helps you too, please rate posts if it does!

Thanks

Jay

gbarden · ‎03-05-2007

I have done this as well. I am able to see the network with just using webvpn but when I use the SSL client I cannot access the internal network. I need to be able access some servers using RDP.

ggilbert · ‎03-05-2007

Gene,

Can you please provide the group-policy the SSL clients are using...

sh run all group-policy

Thanks

Gilbert