Trying to set up VPN Client with Hairpinning on ASA5510

Answered Question
Oct 1st, 2008

Hi,

I am trying to set up our ASA5510 so users can connect to our work LAN and browse the Internet as well.

I've followed the Cisco guide, I connect and I'm given a 192.168.10.x address as needed but I can not connect to anything on our 10.0.0.0/24 work network nor surf the Internet.

Could someone please check my config and see what is wrong, there is also a L2L vpn on here to a 192.168.3.0 network but that works without issues

Many Thanks,

Chris

I have this problem too.
0 votes
Correct Answer by singhsaju about 8 years 2 months ago

Hello Chris,

Add following access-list statement.

access-list INSIDE_nat0_outbound extended permit ip 10.0.0.0 255.255.255.0 192.168.10.0 255.255.255.0

And for hairpinning the internet traffic add following command:

same-security-traffic permit intra-interface

Check and post results.

HTH

Saju

pls rate helpful posts

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
singhsaju Wed, 10/01/2008 - 09:47

Hello Chris,

Add following access-list statement.

access-list INSIDE_nat0_outbound extended permit ip 10.0.0.0 255.255.255.0 192.168.10.0 255.255.255.0

And for hairpinning the internet traffic add following command:

same-security-traffic permit intra-interface

Check and post results.

HTH

Saju

pls rate helpful posts

shaw.chris Wed, 10/01/2008 - 09:59

Thanks for your help, I already had "same-security-traffic permit intra-interface" but adding the access-list did the trick!

Thanks again

Chris

Actions

This Discussion