Intervlan routing not working over VPN

Unanswered Question
Apr 28th, 2008
User Badges:

I have a 4506 doing my intervlan routing. I have several vlans. That 4506 is connected to a ASA5520. I have a vendor that is trying to VPN into the network. He can get connect via VPN, the ASA gives him an IP from the address pool. He just can't hit his server which is on a different vlan. Further troubleshooting shows that i can't hit any other vlans except the vlan i have the pool assigned to. Any suggestions?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
JORGE RODRIGUEZ Mon, 04/28/2008 - 17:07
User Badges:
  • Green, 3000 points or more

can you post the config or double check wether you have nat exempt acls permiting vpn pool subnet to local subnets? I assume asa can reach internal subnets in 4500.

example assume two of you inside subnets in 4500 switch are and your vpn pool network is

in example acl should be as this.

access-list inside_nat0_outbound extended permit ip

access-list inside_nat0_outbound extended permit ip

nat(inside) 0 access-list inside_nat0_outbound



cowetacoit Tue, 04/29/2008 - 03:31
User Badges:

Excellent. No need to post config. I got it. Thanks for your help.

JORGE RODRIGUEZ Tue, 04/29/2008 - 12:35
User Badges:
  • Green, 3000 points or more

Michael, post the update whether you still have problem.

Bst Rgds



This Discussion