ASA 5505 VPN NAT

Answered Question

Hi all,


I am working with an ASA 5505 and am trying to get remote VPN working. I used the wizard to set up the connection and I can connect to the appliance. When I do connect, I cannot do anything, like surf, nslookup, access the ASDM, etc. I think NAT is where I need to be looking and I have tried NAT exempt rules with no luck. Can anyone help with this?


Thanks

Correct Answer by JORGE RODRIGUEZ about 7 years 8 months ago

You need this ( if doing full tunnel ra vpn)


http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00805734ae.shtml


example


same-security-traffic permit intra-interface


global (outside) 1 interface

nat (outside) 1



as for accessing ASA through RA tunnel or any ipsec tunnel you need couple of statements:


management-access inside ( provided your inside interface nameif is inside)


http inside

telnet inside



http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/m.html#wp1987122



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
JORGE RODRIGUEZ Mon, 09/14/2009 - 06:39
User Badges:
  • Green, 3000 points or more

You need this ( if doing full tunnel ra vpn)


http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00805734ae.shtml


example


same-security-traffic permit intra-interface


global (outside) 1 interface

nat (outside) 1



as for accessing ASA through RA tunnel or any ipsec tunnel you need couple of statements:


management-access inside ( provided your inside interface nameif is inside)


http inside

telnet inside



http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/m.html#wp1987122



Actions

This Discussion