Access to External Network while connected to VPN

Answered Question

I have a 5505 that I've successfully set up an IPSEC connection to. It is using NT authentication against Active Directory to authenticate. After I connect, I can access everything on the remote (internal) network. I cannot access anything on the internet.


Anything behind the ASA can get to the internet; it's the VPN clients that can't get back out.


The syslog messages show the VPN clients building up and tearing down ICMP connections if they are trying to ping externally, but they get no response.


I know it's most likely an ACL or NAT statement that I'm missing. Any ideas?


Config attached.



Correct Answer by acomiskey about 9 years 5 months ago

You have 2 options.

1. Split tunneling, unencrypted access to internet.

2. Public internet on a stick, internet traffic is tunneled to outside of ASA and back out.

same-security-traffic permit intra-interface
global (outside) 1 interface
nat (outside) 1


Overall Rating: 5 (2 ratings)
Correct Answer
acomiskey Wed, 11/14/2007 - 09:27
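The two options from the answer side by side, as an added example that is not part of the original thread or the poster's attached config, written in the same pre-8.3 ASA syntax as the commands above. The internal network 192.168.1.0/24, the VPN address pool 10.10.10.0/24, and the names SPLIT_TUNNEL and VPN_POLICY are assumptions for illustration.

```cisco
! --- Option 1: split tunneling -------------------------------------------
! Only traffic for the internal network is encrypted and sent to the ASA.
! Everything else leaves through the client's local connection, so it is
! not inspected, filtered or logged by the ASA.
! (ACL name, group-policy name and 192.168.1.0/24 are assumed values.)
access-list SPLIT_TUNNEL standard permit 192.168.1.0 255.255.255.0
group-policy VPN_POLICY attributes
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value SPLIT_TUNNEL

! --- Option 2: internet on a stick (hairpinning) -------------------------
! All client traffic stays in the tunnel. Internet-bound packets arrive on
! the outside interface, are translated to the outside interface address,
! and leave through the same interface, so ASA policy and syslog still
! cover them.
! (Group-policy name and the 10.10.10.0/24 VPN pool are assumed values.)
group-policy VPN_POLICY attributes
 split-tunnel-policy tunnelall
! Allow traffic to enter and exit the same interface.
same-security-traffic permit intra-interface
! PAT pool 1 on the outside interface.
global (outside) 1 interface
! Translate the VPN pool when its traffic arrives on the outside interface.
nat (outside) 1 10.10.10.0 255.255.255.0
```

Apply one option or the other, not both. With option 2, `show xlate` on the ASA should list translations for the VPN pool addresses once a client browses out.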

