- Bronze, 100 points or more
I have set up a remote-access VPN using the ASA VPN wizard. When I test the connection with the Cisco VPN Client I connect successfully and get assigned an IP address from the pool I specified. However I can't send any traffic to the network behind the firewall.
The syslog records things like this:
No translation group found for icmp src WAN:10.0.0.10 dst Internal:SERVER-1 (type 8, code 0)
No translation group found for udp sec WAN: 10.0.0.10/49245 dst Internal:SERVER-1/53
10.0.0.10 is the IP the client PC is assigned. The same thing happens whether I specify a separate subnet as the pool, or if I try and use the same subnet as is used on the internal interface.
Is this because an extra NAT exemption rule is required?
Any assistance gratefully received - thanks.