cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
909
Views
0
Helpful
2
Replies

Remote VPN no access to hosts

Hello Guys,

I have an ASA 5505 with two tunnels, one Site-to-Site (between two ASA 5505), and also I added a VPN for remote access using the Cisco VPN Cient. The thing that I discovered is that the connection Site-to-Site, I can reach hosts from the LANs, but using the VPN Client I only can reach the inside Interface of the ASA but not to the hosts.

Maybe something is missing in my ACL's but I wasn't able to determine what it is. Would you give me a hand on this?

Attached is my config file, and the LAN behind the ASA consist in a couple of vlans on the segment 192.168.0.0 /24 the VPN Client receives IP from the segment 10.10.10.X

Thanks in advance,

David Correa
1 Accepted Solution

Accepted Solutions

jj27
Spotlight
Spotlight

Hi David,

You are missing a NAT exemption statement. 

You need to add this:

access-list noNAT extended permit ip any 10.10.10.0 255.255.255.0

View solution in original post

2 Replies 2

jj27
Spotlight
Spotlight

Hi David,

You are missing a NAT exemption statement. 

You need to add this:

access-list noNAT extended permit ip any 10.10.10.0 255.255.255.0

Dear jjohnston,

You were right, I added the statement and now I can reach the hosts.

Thanks a bunch!

David Correa
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: