SVC Problem on ASA 7.1(2)

balsheikh · ‎12-10-2006

I tried to configure SVC (tunnel-mode) on ASA 7.1(2) and I reach the stage where I can connect with the SSL VPN but I can?t access any resources in the network.

Below is the configuration, appreciate any helpful assistance..

access-list WebVPN-ACL standard permit host 0.0.0.0

group-policy Partners internal

group-policy Partners attributes

dns-server value 10.100.13.100 195.226.224.74

vpn-tunnel-protocol IPSec webvpn

split-tunnel-policy excludespecified

split-tunnel-network-list value WebVPN-ACL

webvpn

deny-message value "Don't Ever Try"

svc enable

svc keep-installer installed

svc rekey time 30

svc rekey method ssl

tunnel-group WebVPN-Tunnel type webvpn

tunnel-group WebVPN-Tunnel general-attributes

address-pool WebVPN-User

default-group-policy Partners

tunnel-group WebVPN-Tunnel webvpn-attributes

group-alias Partners_department enable

webvpn

enable outside

svc image disk0:/sslclient-win-1.1.2.169.pkg 1

svc enable

tunnel-group-list enable

Regards,

Belal

smalkeric · ‎12-15-2006

Try these links:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080702992.shtml

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080641a52.shtml

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080702999.shtml

r.vdoever · ‎12-19-2006

Define your internal networks in the split-tunnel acl, eg:

access-list WebVPN-ACL extended permit ip 10.100.13.0 255.255.255.0 any

no split-tunnel-policy excludespecified

split-tunnel-policy tunnelspecified