ASA + Allow VPN users Access to networked resources

Unanswered Question
Feb 18th, 2008
User Badges:

Hello All,

I am attempting to allow remote vpn users access to a "shared drive" but I am running into problems. I have established the following:

1) A successfull VPN connection

2) VPN users get IP addresses in the following range:

When I attempt to allow the users access to the internal network which is on the subnet, it errors out.

However, I am able to succesfully get out to the Internet after I VPN into my network but I JUST CANNOT access the shared drive.

The following information might be relavent:

ASA version 7.7(2)

On Static NAT for the Domain Controller


External: 12.x.x.x



External: 12.x.x.x.

I have also attached a screen shot of the "Packet Trace" I performed. The error says it is a NATing issue. Any help would be appriciated. Thanks.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
acomiskey Mon, 02/18/2008 - 11:10
User Badges:
  • Green, 3000 points or more

Could you post the config?

cisco24x7 Mon, 02/18/2008 - 11:20
User Badges:
  • Silver, 250 points or more

access-list nonat permit ip

nat (inside) 0 access-list nonat

isakmp nat-t 10

Your vpn will work after that.

CCIE Security

najeebsyed2 Mon, 02/18/2008 - 13:09
User Badges:

Thank you very much. It worked !! Can you explain this command? I know it created a NAT exemption but I am clueless as to what it exactly means. Thanks !!!


This Discussion