ASA 5505 to VPN Client

Unanswered Question
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (3 ratings)
acomiskey Fri, 11/30/2007 - 08:14
User Badges:
  • Green, 3000 points or more

The default gateway will be the same as the ip assigned to the client by the asa from the vpn client pool.

To have internet access you must enable split tunneling or outside nat.

Split tunnel

group-policy attributes

split-tunnel-policy tunnelspecified

split-tunnel-network-list value split_tunnel

access-list split_tunnel permit ip

Outside NAT (public internet on a stick)

same-security-traffic permit intra-interface

global (outside) 1 interface

nat (outside) 1

Hope that helps. Please rate if it does.

JORGE RODRIGUEZ Sat, 12/01/2007 - 21:21
User Badges:
  • Green, 3000 points or more

Adam, thank you for your input, I knew about split tunneling but not about public internet on a stick.. something new learned . I rate you !




This Discussion