ASA 7.2 remote access VPN

Unanswered Question
Jun 24th, 2007
User Badges:

Hi All,

I created a remote access VPN on my ASA through ASDM. The internal LAN in 192.168.14.x; the remote access pool uses 10.254.14.x; my vpn client logs in normally, but once in, i am not able to reach 192.168.14.x; any tips?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
zroth Mon, 06/25/2007 - 02:52
User Badges:


it can be you have not configured access-list nonat,ex. access-list nonat perm ip

and command nat (inside) 0 access-list nonat



zroth Mon, 06/25/2007 - 02:55
User Badges:

Sorry fot the mistake,

access-list shall be access-list nonat perm ip

Fernando_Meza Mon, 06/25/2007 - 03:29
User Badges:
  • Gold, 750 points or more

Hi .. please check:

1.- That your routing is correct. The segment 192.168.14.x should know how to get back to 10.254.14.X. those returned packets need to reach the inside interface of the ASA.

2.- You might need to enable NAT-T whiach is not enabled by default. The command is

crypto isakmp nat-traversal 20

I hope it helps .. please rate it if it does !!!

m-mneimneh Mon, 06/25/2007 - 03:35
User Badges:

Hi guys,

it turned out i needed to add the following to the inside access-list:

access-list inside_acl extended permit ip any

when applied, i could get responses from 192.168.14.x machines.

thank you for your contributions.


This Discussion