This is what I have.
Internal Network: 192.168.0.0/16
Outside patted interface: 188.8.131.52
ASA5520 setup for VPN.
ASA5520 gives out IP 192.168.3.0/24
Split-tunneling is enabled and tunnels 192.168.0.0/16
In the split-tunnel list I also add a public IP 184.108.40.206/24
I connect with the VPN and get IP 192.168.3.60 which is correct.
I see that VPN has created routes for me:
192.168.3.0 / 24 via 192.168.3.60
192.168.0.0 / 16 via 192.168.3.60
220.127.116.11 / 24 via 192.168.3.60
My objective is to access 18.104.22.168 from the VPN as if it is coming from the patted (22.214.171.124) outside interface on the firewall.
Using the VPN wizard I get an exemption for any traffic to 192.168.3.0.
Keep in mind all 192.168.0.0/16 traffic uses pat for internet access.
I try accessing 126.96.36.199 on port 80 and get this.
6|Dec 19 2007|14:25:08|106015|188.8.131.52|184.108.40.206|Deny TCP (no connection) from 220.127.116.11/80 to 18.104.22.168/8699 flags ACK on interface outside
6|Dec 19 2007|14:25:06|302013|192.168.3.60|22.214.171.124|Built inbound TCP connection 224060 for outside:192.168.3.60/1275 (192.168.3.60/1275) to outside:126.96.36.199/80 (188.8.131.52/80) (user)
Is there any way I can fix this without disabling split-tunneling?
Do I need some natting somewhere?