ASA 5505 VPN works great but clients unable to access internet through tunnel

Answered Question
Jan 27th, 2010
User Badges:

We have an ASA 5505 running ASA 8.2.1, and using IPSec clients to Remote access into the main office.  The remote access is working great, with full access to the network resources at the main office, and the one thing I can't get to work is internet access through the tunnel.  I do not want to use split tunnelling.  I am using ASDM 6.2.1 for configuration.  Any assistance is appreciated.  I am probably missing something simple, and have looked at it so much, I am probably looking right past the mistake.  Thanks in advance for your time and assistance!    Jim

Correct Answer by james.bastnagel about 7 years 1 month ago

add a nat statement for your client segment on the outside interface


nat (outside) access-list


then allow traffic to be routed back out the same interface it came in on


same-security-traffic permit intra-interface


*

*


*more info can be found here:

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807...



On Wed, Jan 27, 2010 at 11:12 PM, jimcanova <

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
james.bastnagel Thu, 01/28/2010 - 06:58
User Badges:

add a nat statement for your client segment on the outside interface


nat (outside) access-list


then allow traffic to be routed back out the same interface it came in on


same-security-traffic permit intra-interface


*

*


*more info can be found here:

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807...



On Wed, Jan 27, 2010 at 11:12 PM, jimcanova <

pudawat Thu, 01/28/2010 - 17:29
User Badges:

HI,



Just add the commands to Uturn the traffic from the outside inerface,


nat (outside) 1 subnet mask

global (outside) 1 interface


All the VPN client users would take ASAs public IP to go to the internet.Check Whatismyip.com


Regards,


Pradhuman

Actions

This Discussion