
How do I allow VPN Client Local LAN Access for many subnets

edwardwaithaka

Hi,

Is it possible to allow Local LAN access for more than one subnet? My servers exist on a different subnet from the one user PCs are connected to. I would like users to access server resources while connected using the VPN client.

Is there a way of doing this?


Hi,

Using split tunnel may be a solution.

I hope this helps.

Massimiliano.

pjhenriqs

Hi Edward,

The easiest way to do this is via ASDM when it asks you which networks should be exempted from the NAT on the VPN Wizard.

Anyway, you should check your config and just add a new line for the outside cryptomap and for the outside NAT exempt.

For example:

192.168.222.0 - VPN Client Pool

192.168.1.0 - LAN 1

192.168.2.0 - LAN 2

access-list inside_nat0_outbound extended permit ip 192.168.1.0 255.255.255.0 192.168.222.0 255.255.255.0

access-list inside_nat0_outbound extended permit ip 192.168.2.0 255.255.255.0 192.168.222.0 255.255.255.0

access-list outside_cryptomap_dyn_20 extended permit ip any 192.168.222.0 255.255.255.0

Hope it helps.

Regards,

Paulo
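
An added example, not part of either reply: a small Python check that parses `access-list ... extended permit ip` lines like the ones above and reports any LAN subnet that has no NAT-exempt entry toward the VPN client pool, plus any ACL whose source is `any`. The function names are illustrative, and the sample config is constructed from the three lines in the reply.

```python
import ipaddress
import re

# Added example; function names are illustrative. CONFIG is constructed from the reply's lines.
CONFIG = """\
access-list inside_nat0_outbound extended permit ip 192.168.1.0 255.255.255.0 192.168.222.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 192.168.2.0 255.255.255.0 192.168.222.0 255.255.255.0
access-list outside_cryptomap_dyn_20 extended permit ip any 192.168.222.0 255.255.255.0
"""

ACE = re.compile(r"^access-list\s+(\S+)\s+extended\s+permit\s+ip\s+(.+)$")

def _take_network(tokens):
    """Consume one address spec ('any', 'host addr' or 'addr mask') from tokens."""
    first = tokens.pop(0)
    if first == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    if first == "host":
        return ipaddress.ip_network(tokens.pop(0) + "/32")
    return ipaddress.ip_network(f"{first}/{tokens.pop(0)}")

def parse_aces(config):
    """Return {acl_name: [(source_net, dest_net), ...]} for permit-ip entries."""
    acls = {}
    for line in config.splitlines():
        m = ACE.match(line.strip())
        if not m:
            continue
        tokens = m.group(2).split()
        src = _take_network(tokens)
        dst = _take_network(tokens)
        acls.setdefault(m.group(1), []).append((src, dst))
    return acls

def missing_exemptions(config, acl_name, lans, pool):
    """LAN subnets with no entry in acl_name covering traffic to the VPN pool."""
    pool_net = ipaddress.ip_network(pool)
    entries = parse_aces(config).get(acl_name, [])
    missing = []
    for lan in map(ipaddress.ip_network, lans):
        covered = any(lan.subnet_of(s) and pool_net.subnet_of(d) for s, d in entries)
        if not covered:
            missing.append(str(lan))
    return missing

def any_source_acls(config):
    """ACL names containing an entry whose source is 'any' (worth reviewing)."""
    return sorted(n for n, es in parse_aces(config).items()
                  if any(s.prefixlen == 0 for s, _ in es))
```

Run `missing_exemptions` with the full list of server and user subnets after each change to confirm every LAN has a matching exemption for the client pool.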
