ASA 7.2 remote access VPN

Unanswered Question
Jun 24th, 2007

Hi All,

I created a remote access VPN on my ASA through ASDM. The internal LAN is 192.168.14.x; the remote access pool uses 10.254.14.x; my VPN client logs in normally, but once in, I am not able to reach 192.168.14.x; any tips?

zroth Mon, 06/25/2007 - 02:52

Hi,

It can be that you have not configured access-list nonat, e.g. access-list nonat perm ip 10.254.14.0 255.255.255.0 10.254.14.0 255.255.255.0

and command nat (inside) 0 access-list nonat

HtH

Zdenek

zroth Mon, 06/25/2007 - 02:55

Sorry for the mistake,

access-list shall be access-list nonat perm ip 192.168.14.0 255.255.255.0 10.254.14.0 255.255.255.0

Fernando_Meza Mon, 06/25/2007 - 03:29

Hi .. please check:

1.- That your routing is correct. The segment 192.168.14.x should know how to get back to 10.254.14.x. Those returned packets need to reach the inside interface of the ASA.

2.- You might need to enable NAT-T, which is not enabled by default. The command is

crypto isakmp nat-traversal 20

I hope it helps .. please rate it if it does !!!

m-mneimneh Mon, 06/25/2007 - 03:35

Hi guys,

It turned out I needed to add the following to the inside access-list:

access-list inside_acl extended permit ip any 10.254.14.0 255.255.255.0

When applied, I could get responses from 192.168.14.x machines.

Thank you for your contributions.
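
As an added example (not written by any poster in this thread), the Python below checks a saved ASA 7.2-style config for the two return-path conditions discussed above: a NAT exemption from the LAN to the VPN pool, and an inside ACL that lets LAN replies reach the pool. The finding labels and sample configs are made up for illustration, and it assumes plain `ip` ACEs and the `nat (inside) 0 access-list` syntax quoted in the thread.

```python
import ipaddress
import re

ACE = re.compile(r"^access-list (\S+) (?:extended )?(perm\w*|deny) ip (.+)$")

def _nets(spec):
    """Parse 'SRC DST'; each side is 'any', 'host A' or 'A MASK'."""
    tok, out = spec.split(), []
    while tok and len(out) < 2:
        if tok[0] == "any":
            net, tok = "0.0.0.0/0", tok[1:]
        elif tok[0] == "host":
            net, tok = tok[1], tok[2:]
        else:
            net, tok = f"{tok[0]}/{tok[1]}", tok[2:]
        out.append(ipaddress.ip_network(net))
    return out

def _permits(acl, src, dst):
    """First ACE covering src -> dst decides; no match is the implicit deny."""
    for action, s, d in acl:
        if src.subnet_of(s) and dst.subnet_of(d):
            return action.startswith("perm")
    return False

def audit(config, lan, pool):
    """Return finding labels (names made up for this example)."""
    lan, pool = ipaddress.ip_network(lan), ipaddress.ip_network(pool)
    text = "\n".join(l.strip() for l in config.splitlines())
    acls, findings = {}, []
    for m in map(ACE.match, text.splitlines()):
        if m:
            s, d = _nets(m.group(3))
            acls.setdefault(m.group(1), []).append((m.group(2), s, d))
    # LAN -> pool traffic must be exempt from NAT.
    exempt = re.search(r"^nat \(inside\) 0 access-list (\S+)", text, re.M)
    if not (exempt and _permits(acls.get(exempt.group(1), []), lan, pool)):
        findings.append("no-nat-exemption")
    # If an ACL is bound inbound on inside, it must permit LAN -> pool.
    bound = re.search(r"^access-group (\S+) in interface inside$", text, re.M)
    if bound and not _permits(acls.get(bound.group(1), []), lan, pool):
        findings.append("inside-acl-blocks-pool")
    return findings

# Constructed sample configs (not taken from the poster's device).
BEFORE = """access-list inside_acl extended permit ip 192.168.14.0 255.255.255.0 192.168.0.0 255.255.0.0
access-group inside_acl in interface inside"""
AFTER = BEFORE + """
access-list inside_acl extended permit ip any 10.254.14.0 255.255.255.0
access-list nonat perm ip 192.168.14.0 255.255.255.0 10.254.14.0 255.255.255.0
nat (inside) 0 access-list nonat"""
```

Calling `audit(BEFORE, "192.168.14.0/24", "10.254.14.0/24")` reports both findings, and the same call on `AFTER` reports none.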
