09-04-2008 02:50 AM - edited 02-21-2020 03:55 PM
I tried using remote vpn on my ASA.Connecting thorugh the client doesn't authenticate.
Would like to know Do I need to use any Nat0 access list for remote vpn as well.Internal range is something 192.168.1.0/24 and using virtual ips like 192.168.25.1-50/24.It is failing on IKE phase 1 itself.
Any point Do I need to take care while setting up the same?
Reg,
Sushil
09-04-2008 04:06 AM
What method of user authentication are you using local or radius, have a look here with example of local user auth, you will need nat 0 access list to allow traffic between vpn pool to inside lan net.
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008060f25c.shtml
the nonat acl would look somthing as:
access-list nonat extended permit ip
nat (inside) 0 access-list nonat
Rgds
Jorge
09-05-2008 03:52 AM
Seems the right pointer.I will try and let you know the results.
reg,
Sushil
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide