cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
272
Views
5
Helpful
1
Replies

Ipsec VPN routing Issue

jstabl
Level 1
Level 1

Last night I put a new ASA5510 in place of my PIX515e. Everything went very well except for VPN connections. We are keeping the legacy VPN client for now and transforming to CLientless SSL in the future. Users can login through VPN and get the NAT pool address assigned to them but they can not browse/ping/access ANY other resource.

I did notice that there is no default gateway given to clients but im not sure its suppose to.

Here is my config. Any help is appreciated.

1 Reply 1

jstabl
Level 1
Level 1

I did some research and made the following changes.

My RAS pool is 10.1.5.100 - 200

access-list outside_nat0_inbound extended permit ip any 10.1.5.0 255.255.255.0

nat (outside) 0 access-list outside_nat0_inbound outside

clear xlate

Still can not access internal networks.

I also did the following so I could access my DMZ network which is 10.1.4.0/24

access-list dmz_outbound_nat0_acl extended permit ip 10.1.4.0 255.255.255.0 10.1.5.0 255.255.255.0

nat (dmz) 0 access-list dmz_outbound_nat0_acl

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: