03-02-2007 12:14 PM - edited 02-21-2020 02:54 PM
I have just installed an ASA 5520 and am trying to implement SSL VPN. I have configured the appliance according to Cisco's documentation. I am able to get the SSL SVC VPN connection to connect but once connected I am not able to connect to any devices on my local network. Any help would be appreciated. Thanks Gene
03-02-2007 01:01 PM
Gene - Here are something you want to look into.
What is the IP pool you are assigning the SVC clients to?
What is the internal network you are trying to access to?
For Eg:
Lets say your internal network is 10.10.10.x/24
and the IP address pool you are assigning is 192.168.10.x/24 for the SVC clients,
you would need a NAT exemption ACL.
Do "sh run nat" on the ASA, see if there is any statement like
nat (inside) 0 access-list
If not, using my example, create an access-list like this...
access-list 100 per ip 10.10.10.0 255.255.255.0 192.168.10.0 255.255.255.0
nat (inside) 0 access-l 100
After that, use the SVC client and see if it works.
Rate this post, if it helps!!
Cheers
Gilbert
03-03-2007 05:42 PM
I had already done this but it still doesn't work. Thanks for the info though.
03-04-2007 02:32 AM
Gene,
Take a look here:
http://www.ciscotaccc.com/kaidara-advisor/security/showcase?case=K52957940
The above is a TAC case post, have used it and works well for me!
Hope it helps you too, please rate posts if it does!
Thanks
Jay
03-05-2007 12:21 PM
I have done this as well. I am able to see the network with just using webvpn but when I use the SSL client I cannot access the internal network. I need to be able access some servers using RDP.
03-05-2007 01:54 PM
Gene,
Can you please provide the group-policy the SSL clients are using...
sh run all group-policy
Thanks
Gilbert
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide