olivier.jessel Wed, 07/30/2008 - 02:09

Hi,

Have you checked you have correct ACL for traffic from VPN pool to inside subnet, and correct (No-)NAT entries in both way?

More, the split-tunneling ACL is matching your inside subnet and your vpn pool ?

Tebogo Langa Wed, 07/30/2008 - 02:54

This is what I have done so far.I can connect to the pix but I cant ping the inside hosts.I dont need split tunneling.


access-list client-vpn permit ip 172.16.48.0 255.255.255.248 17.1.1.0 255.255.255.240

ip local pool client-vpn-pool 17.1.1.1-17.1.1.14

nat (inside) 0 access-list client-vpn


Tebogo Langa Wed, 07/30/2008 - 03:02

i am runnning ver 6.1(3).The firewall doesnt want to take that command.

Actions

This Discussion