No Internet Access when VPNd into ASA 5505

Answered Question

My problem is just as the title states. Any internal host can access the internet with out any issues. When I VPN into the network I can access all internal networks but am unable to access any Internet sites.

I've used packet tracer in ASDM with the following settings: an address from the vpn pool and the address of an external website with all the appropriate ports. Packet tracer says the packet should be allowed.

Also, with logging set to debug I never see a packet hit the log that is destined for Internet land.

DNS appears to be functioning as it should.

What am I missing! Thanks in advance for all of your help.

I have this problem too.
0 votes
Correct Answer by JORGE RODRIGUEZ about 7 years 5 months ago

Hi, from your description seems you have configured RA vpn as full tunnel? if this is the case could you confirm you are nating your vpn network for outbound ..

typically for RA full tunnel outbound internet you would nat vpn pool network and allow that traffic back out

the same interface it came with same sec permit intra interface statement.

nat (outside) 1

same-security-traffic permit intra-interface

have a look here for reference

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00805734ae.shtml

Regards

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
JORGE RODRIGUEZ Wed, 07/29/2009 - 19:53

Hi, from your description seems you have configured RA vpn as full tunnel? if this is the case could you confirm you are nating your vpn network for outbound ..

typically for RA full tunnel outbound internet you would nat vpn pool network and allow that traffic back out

the same interface it came with same sec permit intra interface statement.

nat (outside) 1

same-security-traffic permit intra-interface

have a look here for reference

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00805734ae.shtml

Regards

Actions

This Discussion