- Gold, 750 points or more
Area0 & Area1. Area1 ASA has remote VPN configuration where users uses split tunneling also. When users VPN-in, they successfully access all the respurces in Area1, but unable to reach resources in Area0.
But Area0 PCs able to 'ping' the VPN-in IPs. I tried 'debug icmp trace', but not even single message poping up while initiate the 'ping' from VPN-in users laptop.
fyi.. Area1 N/W: 10.251.0.0/16 and 10.251.40.0/24 has been used for VPN users DHCP. Everything works fine except for reachability to Area0.
access-list nonat extended permit ip SiteA 255.255.0.0 SiteAVPN 255.255.255.0
access-list nonat extended permit ip SiteB 255.255.0.0 SiteAVPN 255.255.255.0