ASA 5505 VPN NAT

Answered Question

Hi all,

I am working with an ASA 5505 and am trying to get remote VPN working. I used the wizard to set up the connection and I can connect to the appliance. When I do connect, I cannot do anything, like surf, nslookup, access the ASDM, etc. I think NAT is where I need to be looking and I have tried NAT exempt rules with no luck. Can anyone help with this?

Thanks

I have this problem too.
0 votes
Correct Answer by JORGE RODRIGUEZ about 7 years 4 months ago

You need this ( if doing full tunnel ra vpn)

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00805734ae.shtml

example

same-security-traffic permit intra-interface

global (outside) 1 interface

nat (outside) 1

as for accessing ASA through RA tunnel or any ipsec tunnel you need couple of statements:

management-access inside ( provided your inside interface nameif is inside)

http inside

telnet inside

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/m.html#wp1987122

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
JORGE RODRIGUEZ Mon, 09/14/2009 - 06:39

You need this ( if doing full tunnel ra vpn)

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00805734ae.shtml

example

same-security-traffic permit intra-interface

global (outside) 1 interface

nat (outside) 1

as for accessing ASA through RA tunnel or any ipsec tunnel you need couple of statements:

management-access inside ( provided your inside interface nameif is inside)

http inside

telnet inside

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/m.html#wp1987122

Actions

This Discussion