Remote VPN client unable to access outside networks

Answered Question

I configured a remote VPN ASA 5510 using the remote VPN wizard. Users are able to get the VPN connection and access the Inside network, but are UNABLE to access the outside network. (By Inside network, I am referring to the network behind the ASA VPN; the outside networks refer to the company's networks outside the ASA.)

In brief, the company's outside network has a default route that points to router1. Router1 has a route for the inside network, and a default route to the internet. The ASA has a default route that points to router1. Router1 also has a route for the remote VPN user's address that points to the ASA.

Hope it makes sense.


But I am not sure if my NAT statements are correct. Below are my NAT statements; is there something obvious missing? There is no network translation here; all addresses are internet routable.


    nat (inside) 0 access-list inside_nat0_outbound
    static (inside,outside) 111.1.0.0 111.1.0.0 netmask 255.255.255.0
    static (inside,outside) 111.1.1.0 111.1.1.0 netmask 255.255.255.0
    static (inside,outside) 111.1.2.0 111.1.2.0 netmask 255.255.255.0


                                                             company's Outside networks (111.1.3.0/24; 111.1.4.0/24)
                                                                                        |
                                                                                        |
    remote vpn user  <-------------- >  internet  <---------------------> router1 --------------ASA ---------Cat6509----------Inside network


Any suggestion is appreciated.


Thanks,

Correct Answer by Yudong Wu about 7 years 1 month ago

Did you enable "same-security-traffic intra-interface"?

Overall Rating: 5 (1 ratings)
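
An added example, not part of the original thread and not Cisco tooling: a Python check over an ASA running-config that flags destinations VPN clients cannot reach because the traffic would have to leave through the interface it arrived on while `same-security-traffic permit intra-interface` is absent. The sample config is constructed; its interface names, interface addresses and next hops are placeholders, and only the 111.1.x.0/24 networks come from the question.

```python
import ipaddress
import re

# Constructed sample for illustration: interface and next-hop addresses are
# placeholders; only the 111.1.x.0/24 networks come from the question.
SAMPLE_CONFIG = """\
interface Ethernet0/0
 nameif outside
 ip address 111.1.3.2 255.255.255.0
interface Ethernet0/1
 nameif inside
 ip address 111.1.0.1 255.255.255.0
route outside 0.0.0.0 0.0.0.0 111.1.3.1 1
route inside 111.1.1.0 255.255.255.0 111.1.0.2 1
route inside 111.1.2.0 255.255.255.0 111.1.0.2 1
crypto map outside_map interface outside
"""

def routing_table(config):
    """Return [(network, nameif)] from connected interfaces and static routes."""
    table = []
    for nameif, addr, mask in re.findall(
            r"^ nameif (\S+)\n(?:^ .*\n)*?^ ip address (\S+) (\S+)", config, re.M):
        table.append((ipaddress.ip_network(f"{addr}/{mask}", strict=False), nameif))
    for nameif, net, mask in re.findall(r"^route (\S+) (\S+) (\S+) \S+", config, re.M):
        table.append((ipaddress.ip_network(f"{net}/{mask}", strict=False), nameif))
    return table

def egress_interface(config, dest):
    """Longest-prefix match: the interface the ASA would forward dest out of."""
    ip = ipaddress.ip_address(dest)
    matches = [(net.prefixlen, nameif)
               for net, nameif in routing_table(config) if ip in net]
    return max(matches)[1] if matches else None

def hairpin_blocked(config, dest):
    """True when VPN traffic to dest must exit the interface it entered on
    and 'same-security-traffic permit intra-interface' is not configured."""
    vpn_ifs = set(re.findall(r"^crypto map \S+ interface (\S+)", config, re.M))
    permitted = re.search(
        r"^same-security-traffic permit intra-interface\s*$", config, re.M)
    return egress_interface(config, dest) in vpn_ifs and not permitted
```
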