I am trying for the first time to set up VPN connections from outside back to the company's network. I am using the wizard from the ASDM to configure the VPN access, and it looks OK at first. I can log in to the ASA without problems, but I cannot see any hosts on the network at all! I had created a pool to assign the addresses 10.0.1.240 to 10.0.1.250 to the VPN clients so that they can access devices on the 10.0.1.0 network. Nothing works from this point on. Can anyone suggest what could be wrong? Is there a need to do any NAT in order to ping devices on the same network?
Thanks in advance,
By going through and adding your configurations, it works. I can now ping to a host 10.0.1.119 and it looks like it is working.
"By going through and adding your configurations, it works. I can now ping to a host 10.0.1.119 and it looks like it is working"
Sure you can. Just keep in mind that you should use different VPN pools for different profiles in order to specify exempt NATs per VPN pool, which will accomplish the goal of "form of restrictions in that when user VPN to network 10.0.1.0, he cannot ping or even see hosts on the other two".
Another method for accomplishing what you want is Downloadable ACLs using a RADIUS server, which is a little more complicated.