How can I assign IP pools of different subnet to anyconnect clients?

Unanswered Question
Jun 28th, 2010

Hi,


I am trying to set up my ASA 5510 ver 8.3 (ASDM 6.3). My inside network is 192.168.1.0 mask 255.255.255.0. My Anyconnect clients can access the inside network if I use an address pool of the same subnet. When I use an address pool of different subnet such as 172.16.1.*, Anyconnect clients can connect but they can't access the inside network. Please help!


Thanks,

Simon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jennifer Halim Mon, 06/28/2010 - 03:44

You would need to create NAT exemption for ip pool in different subnet as follows:


object network obj-192.168.1.0

     subnet 192.168.1.0 255.255.255.0

object network obj-172.16.1.0

     subnet 172.16.1.0 255.255.255.0


nat (inside,outside) source static obj-192.168.1.0 obj-192.168.1.0 destination static obj-172.16.1.0 obj-172.16.1.0


Hope that helps.

Actions

This Discussion