VPN Access

Unanswered Question
Dec 15th, 2007
User Badges:

Hi all,

I have a problem I am configuring a pix 515e, and I want to configure a VPN (remote access) to access to my work network, but I have a problem i can connect to my internal network and use internet from my internal network.

But I can't access to any other resource for example (remote desktop).

I am using Cisco pix version 8.0(2) with ASDM 6.0.

Can anyone help me?





  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
husycisco Sat, 12/15/2007 - 11:44
User Badges:
  • Gold, 750 points or more

Hi Jose

Your VPN pool has a subnetmask of 255.0.0.0 but 255.255.255.240 is specified your exempt nat rule. Anyway I suggest you to change your VPN pool to different range since 10.0.0.0 255.0.0.0 overlaps your raccesspool. Also in order to keep local LAN connectivity of VPN client, apply split tunneling. Config that you should add is below




access-list split_T permit ip 10.0.0.0 255.0.0.0 172.16.10.0 255.255.255.0

access-list inside_nat0_outbound permit ip 10.0.0.0 255.0.0.0 172.16.10.0 255.255.255.0

no access-list inside_nat0_outbound extended permit ip any 10.00.240 255.255.255.240

ip local pool vpnpool 172.16.10.1-172.16.10.254 mask 255.255.255.0

tunnel-group raccess general-attributes

address-pool vpnpool

quit

group-policy raccess attributes

split-tunnel-network-list split_T


Regards

Actions

This Discussion