ASA5505 Remote VPN no access

Unanswered Question
Jun 15th, 2007

I setup VPN using the wizard and I can connect but I can't get to internal resources. I'm not sure if I need to add a route somewhere but I'm sure this is an easy one but I don't usually focus on Security.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
khary Fri, 06/15/2007 - 19:37

The biggest problem I see from a glance, you should put your VPNPool in another subnet besides the inside network (192.168.1.0/24).

Also, your interface WirelessGuestLAN should be lower security level besides 100 (which is the same as your inside interface)

example:

ip local pool VPNPool 10.1.1.1-10.1.1.31 mask 255.255.255.224

!

access-list Inside_nat0_outbound extended permit ip any 10.1.1.0 255.255.255.224

!

access-list HPMVPN_splitTunnelAcl extended permit ip any 10.1.1.0 255.255.255.224

!

no access-list HPMVPN_splitTunnelAcl standard permit any

Actions

This Discussion