Clientvpn configuration on ASA

Unanswered Question
Dec 7th, 2009

So there is a hub and spoke topology. The client/remote ASA has clientvpn enabled. Traffic between the client and head-end site flows fine, but all Internet-destined traffic from the client site routes across the VPN and then to the Internet from the head-end location. I would like this Internet traffic to head out the local Internet connection. The split tunnel ACL is defined but doesn't seem to be working or is not configured properly. Also, there is no NAT configuration on the client ASA but I receive the following when I attempt to configure NAT:

[OK] access-list inside_nat0_outbound line 1 extended permit ip

[ERROR] nat (inside) 0 access-list inside_nat0_outbound  tcp 0 0 udp 0

Policy NAT cannot be be configured with VPN Client enabled.

Any advice is appreciated!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion