VPN Access

Unanswered Question
Dec 15th, 2007

Hi all,

I have a problem I am configuring a pix 515e, and I want to configure a VPN (remote access) to access to my work network, but I have a problem i can connect to my internal network and use internet from my internal network.

But I can't access to any other resource for example (remote desktop).

I am using Cisco pix version 8.0(2) with ASDM 6.0.

Can anyone help me?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
husycisco Sat, 12/15/2007 - 11:44

Hi Jose

Your VPN pool has a subnetmask of 255.0.0.0 but 255.255.255.240 is specified your exempt nat rule. Anyway I suggest you to change your VPN pool to different range since 10.0.0.0 255.0.0.0 overlaps your raccesspool. Also in order to keep local LAN connectivity of VPN client, apply split tunneling. Config that you should add is below

access-list split_T permit ip 10.0.0.0 255.0.0.0 172.16.10.0 255.255.255.0

access-list inside_nat0_outbound permit ip 10.0.0.0 255.0.0.0 172.16.10.0 255.255.255.0

no access-list inside_nat0_outbound extended permit ip any 10.00.240 255.255.255.240

ip local pool vpnpool 172.16.10.1-172.16.10.254 mask 255.255.255.0

tunnel-group raccess general-attributes

address-pool vpnpool

quit

group-policy raccess attributes

split-tunnel-network-list split_T

Regards

Actions

This Discussion