VPN issues

Answered Question
Jul 11th, 2008

Hi,

I've bought an ASA5505 and I'm setting it up as a firewall and VPN server.

After many tries my VPN client connected to the server, but now I can't access either my 'inside' network or the Internet...

What's wrong with my config?

My router (192.168.1.254) is linked to eth0 and my VPN client (192.168.1.10 - assigned by DHCP) is connected to eth7...

PS: if you have any suggestions to improve my network security, feel free to suggest ^_^

(Sorry, but this is the first time that I've set up a VPN, so I'm deeply ignorant about this)

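Correct Answer
a.alekseev Fri, 07/11/2008 - 08:10

! Exempt traffic entering the inside interface for 192.168.10.0/24 from NAT
access-list NO-NAT permit ip any 192.168.10.0 255.255.255.0
nat (inside) 0 access-list NO-NAT
! Split tunneling: send only traffic for 192.168.0.0/24 through the tunnel
access-list SPLIT-T standard permit 192.168.0.0 255.255.255.0
group-policy Tailoradio attributes
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value SPLIT-T
! Allow NAT-T again on the dynamic map entry
no crypto dynamic-map outside_dyn_map 20 set nat-t-disable
! Stop terminating IPsec/ISAKMP on the inside interface
no crypto map inside_map interface inside
no crypto isakmp enable inside
! Enable NAT traversal globally
crypto isakmp nat-traversal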
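
An added example, not part of the thread and not Cisco tooling: a small Python check that scans a saved running-config for the conditions the accepted answer corrects (missing NAT exemption, NAT-T disabled, IPsec bound to the inside interface, no split tunnel in a group policy). Both sample configs are constructed, since the thread does not show the poster's configuration, and the finding names are invented for this sketch.

```python
import re

# Constructed samples; the thread does not show the poster's configuration.
BROKEN = """\
crypto dynamic-map outside_dyn_map 20 set nat-t-disable
crypto map inside_map interface inside
crypto isakmp enable inside
group-policy Tailoradio attributes
 vpn-tunnel-protocol IPSec
"""
FIXED = """\
access-list NO-NAT permit ip any 192.168.10.0 255.255.255.0
access-list SPLIT-T standard permit 192.168.0.0 255.255.255.0
nat (inside) 0 access-list NO-NAT
crypto isakmp nat-traversal
group-policy Tailoradio attributes
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value SPLIT-T
"""

def audit(config):
    """Return sorted finding codes (names invented for this sketch)."""
    lines = [l.rstrip() for l in config.splitlines() if l.strip()]
    acls = {l.split()[1] for l in lines if l.startswith("access-list ")}
    found = set()
    # NAT exemption must reference an ACL that is actually defined.
    nat0 = [m.group(1) for l in lines if (m := re.match(r"nat \(inside\) 0 access-list (\S+)", l))]
    if not any(name in acls for name in nat0):
        found.add("no-nat-exemption")
    if any(re.match(r"crypto dynamic-map \S+ \d+ set nat-t-disable", l) for l in lines):
        found.add("nat-t-disabled-on-dynamic-map")
    if not any(l.startswith("crypto isakmp nat-traversal") for l in lines):
        found.add("nat-traversal-off")
    if any(re.match(r"crypto (map \S+ interface|isakmp enable) inside$", l) for l in lines):
        found.add("ipsec-terminated-on-inside")
    # Collect the indented sub-commands of each "group-policy <name> attributes" block.
    policies, current = {}, None
    for l in lines:
        m = re.match(r"group-policy (\S+) attributes$", l)
        if m:
            current = policies.setdefault(m.group(1), [])
        elif l.startswith(" ") and current is not None:
            current.append(l.strip())
        else:
            current = None
    for name, body in policies.items():
        nets = [b.split()[-1] for b in body if b.startswith("split-tunnel-network-list value ")]
        if "split-tunnel-policy tunnelspecified" not in body or not any(n in acls for n in nets):
            found.add("no-split-tunnel:" + name)
    return sorted(found)
```

Running `audit()` on the text of `show running-config` before and after a change shows which of these conditions remain.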

carlo-tail Fri, 07/11/2008 - 08:53

Perfect, now it's working! ^_^

Is there any way to propagate local LAN hostnames to the VPN client?

a.alekseev Fri, 07/11/2008 - 09:04

Nice to hear

You can propagate WINS, and DNS servers for the client.

[Pls RATE if HELPS]
