How do I allow VPN Client Local LAN Access for many subnets

Unanswered Question
Dec 6th, 2007
User Badges:

Hi,


Is it possible to allow Local LAN access for more than one subnet. My servers exist on a different subnet from the one user PCs are connected to. I would like users to access server resources while connected using the VPN client.


Is there are a way of doing this??

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
massimiliano.se... Thu, 12/06/2007 - 06:12
User Badges:
  • Silver, 250 points or more

Hi,

It may be a solution using split tunnel.

I hope this helps.

Massimiliano.

pjhenriqs Fri, 12/07/2007 - 07:04
User Badges:

Hi Edward,


The easiest way to do this is via ASDM when it asks you which networks should be exempted from the NAT on the VPN Wizard.


Anyway you should check your config and just add a new line for the outside cryptomap and for the outside nat exempt.


For example:


192.168.222.0 - VPN Client Pool

192.168.1.0 - LAN 1

192.168.2.0 - LAN 2


access-list inside_nat0_outbound extended permit ip 192.168.1.0 255.255.255.0 192.168.222.0 255.255.255.0

access-list inside_nat0_outbound extended permit ip 192.168.2.0 255.255.255.0 192.168.222.0 255.255.255.0


access-list outside_cryptomap_dyn_20 extended permit ip any 192.168.222.0 255.255.255.0


Hope it helps.


Regards,

Paulo




Actions

This Discussion