12-10-2007 07:48 AM - edited 02-21-2020 01:49 AM
hi,
can any one help me i how can i set up asa vpn client to be able to access network 10.50.0.0 which is behind the asa (my vpn box) i am currently able to do vpn to this box but beyond cant do anything. Please see attached config
12-10-2007 05:23 PM
Hello.
You need to NOT NAT traffic between these subnets.
this can be achieved by apply the following configuration.
access-list acl-nat-zero extended permit ip 10.50.0.0 255.255.0.0 10.11.11.0 255.255.255.0
nat (inside) 0 access-list acl-nat-zero
Hope this helps.
Tim
12-10-2007 09:28 PM
i did exactly what you said but still it does not work. ????
12-10-2007 10:04 PM
Hello.
Your routing
route inside 10.50.0.0 255.255.0.0 172.16.21.1 1
Does 172.16.21.1 know to route to the firewall 21.14 for the 10.11.11.0/24 network?
Tim
12-10-2007 11:24 PM
Yes it does know it.
its configured for 10.11.11.0/24 is reachable via 172.16.21.14
when a user is connected on my asa via vpn, i can see tha when i do show route it shows below:
S 10.11.11.1 255.255.255.255 [1/0] via 80.227.175.225, outside
is this normal?
12-10-2007 11:57 PM
I'd have to check.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: