ASA 7.2 remote access VPN

Jun 24th, 2007
Hi All,


I created a remote access VPN on my ASA through ASDM. The internal LAN is 192.168.14.x; the remote access pool uses 10.254.14.x; my VPN client logs in normally, but once in, I am not able to reach 192.168.14.x; any tips?

zroth Mon, 06/25/2007 - 02:52

Hi,

It can be that you have not configured access-list nonat, e.g. access-list nonat perm ip 10.254.14.0 255.255.255.0 10.254.14.0 255.255.255.0

and the command nat (inside) 0 access-list nonat


HtH

Zdenek

zroth Mon, 06/25/2007 - 02:55

Sorry for the mistake,

the access-list shall be access-list nonat perm ip 192.168.14.0 255.255.255.0 10.254.14.0 255.255.255.0

Fernando_Meza Mon, 06/25/2007 - 03:29

Hi .. please check:


1.- That your routing is correct. The segment 192.168.14.x should know how to get back to 10.254.14.x. Those returned packets need to reach the inside interface of the ASA.


2.- You might need to enable NAT-T, which is not enabled by default. The command is


crypto isakmp nat-traversal 20


I hope it helps .. please rate it if it does !!!







m-mneimneh Mon, 06/25/2007 - 03:35

Hi guys,


It turned out I needed to add the following to the inside access-list:


access-list inside_acl extended permit ip any 10.254.14.0 255.255.255.0


When applied, I could get responses from 192.168.14.x machines.


Thank you for your contributions.
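
An added example, not part of any post in this thread: a Python check that reads ASA 7.x-style configuration text and reports on the three items raised above (NAT exemption for LAN-to-pool traffic, an inside ACL that permits replies to the pool, and NAT-T). The sample configuration is constructed, its access-group line is an assumption, and only `permit ip` entries are considered, so deny lines and entry order are not modelled.

```python
import ipaddress
import re

# Constructed sample: statements from the thread plus an assumed access-group line.
SAMPLE_CONFIG = """\
access-list nonat extended permit ip 192.168.14.0 255.255.255.0 10.254.14.0 255.255.255.0
nat (inside) 0 access-list nonat
access-list inside_acl extended permit ip any 10.254.14.0 255.255.255.0
access-group inside_acl in interface inside
crypto isakmp nat-traversal 20
"""

def _take_net(tok):  # consume one address spec: 'any', 'host A' or 'A MASK'
    if tok[0] == "any":
        return ipaddress.ip_network("0.0.0.0/0"), tok[1:]
    if tok[0] == "host":
        return ipaddress.ip_network(tok[1] + "/32"), tok[2:]
    return ipaddress.ip_network(f"{tok[0]}/{tok[1]}", strict=False), tok[2:]

def parse_acls(config):
    """Map ACL name -> [(src, dst)] from 'permit ip' entries; deny lines and order are ignored."""
    acls = {}
    for t in (line.split() for line in config.splitlines()):
        if t[:1] != ["access-list"]:
            continue
        try:
            name, rest = t[1], t[3:] if t[2] == "extended" else t[2:]
            # 'permit' may be abbreviated, as in the thread's 'perm'.
            if "permit".startswith(rest[0]) and rest[1] == "ip":
                src, rest = _take_net(rest[2:])
                dst, _ = _take_net(rest)
                acls.setdefault(name, []).append((src, dst))
        except (IndexError, ValueError):  # short line or object-group operands
            continue
    return acls

def covers(entries, src, dst):
    return any(src.subnet_of(s) and dst.subnet_of(d) for s, d in entries)

def check_vpn_return_path(config, lan, pool, iface="inside"):
    """Check NAT exemption, inbound ACL on iface (none bound = ASA default permit) and NAT-T."""
    lan, pool = ipaddress.ip_network(lan), ipaddress.ip_network(pool)
    acls, i = parse_acls(config), re.escape(iface)
    nat0 = re.search(rf"^nat \({i}\) 0 access-list (\S+)", config, re.M)
    grp = re.search(rf"^access-group (\S+) in interface {i}\s*$", config, re.M)
    return {
        "nat_exempt": bool(nat0) and covers(acls.get(nat0.group(1), []), lan, pool),
        "acl_permits": grp is None or covers(acls.get(grp.group(1), []), lan, pool),
        "nat_traversal": bool(re.search(r"^crypto isakmp nat-traversal\b", config, re.M)),
    }
```

Calling `check_vpn_return_path(SAMPLE_CONFIG, "192.168.14.0/24", "10.254.14.0/24")` returns a dict of three booleans; a `False` under `acl_permits` corresponds to the symptom described in the last post.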
