This is what I have.
Internal Network: 192.168.0.0/16
Outside patted interface: 22.214.171.124
ASA5520 setup for VPN.
ASA5520 gives out IP 192.168.3.0/24
Split-tunneling is enabled and tunnels 192.168.0.0/16
In the split-tunnel list I also add a public IP 126.96.36.199/24
I connect with the VPN and get IP 192.168.3.60 which is correct.
I see that VPN has created routes for me:
192.168.3.0 / 24 via 192.168.3.60
192.168.0.0 / 16 via 192.168.3.60
188.8.131.52 / 24 via 192.168.3.60
My objective is to access 184.108.40.206 from the VPN as if it is coming from the patted (220.127.116.11) outside interface on the firewall.
Using the VPN wizard I get an exemption for any traffic to 192.168.3.0.
Keep in mind all 192.168.0.0/16 traffic uses pat for internet access.
I try accessing 18.104.22.168 on port 80 and get this.
6|Dec 19 2007|14:25:08|106015|22.214.171.124|126.96.36.199|Deny TCP (no connection) from 188.8.131.52/80 to 184.108.40.206/8699 flags ACK on interface outside
6|Dec 19 2007|14:25:06|302013|192.168.3.60|220.127.116.11|Built inbound TCP connection 224060 for outside:192.168.3.60/1275 (192.168.3.60/1275) to outside:18.104.22.168/80 (22.214.171.124/80) (user)
Is there any way I can fix this without disabling split-tunneling?
Do I need some natting somewhere?