Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA + Allow VPN users Access to networked resources

Hello All,

I am attempting to allow remote vpn users access to a "shared drive" but I am running into problems. I have established the following:

1) A successfull VPN connection

2) VPN users get IP addresses in the following range: 192.168.1.0/24

When I attempt to allow the users access to the internal network which is on the 10.88.0.0 subnet, it errors out.

However, I am able to succesfully get out to the Internet after I VPN into my network but I JUST CANNOT access the shared drive.

The following information might be relavent:

ASA version 7.7(2)

On Static NAT for the Domain Controller

Internal: 10.88.0.2

External: 12.x.x.x

Firewall

Internel: 10.88.0.4

External: 12.x.x.x.

I have also attached a screen shot of the "Packet Trace" I performed. The error says it is a NATing issue. Any help would be appriciated. Thanks.

4 REPLIES
Green

Re: ASA + Allow VPN users Access to networked resources

Could you post the config?

Silver

Re: ASA + Allow VPN users Access to networked resources

access-list nonat permit ip 10.88.0.0/24 192.168.1.0/24

nat (inside) 0 access-list nonat

isakmp nat-t 10

Your vpn will work after that.

CCIE Security

New Member

Re: ASA + Allow VPN users Access to networked resources

Please see attachment for config.

New Member

Re: ASA + Allow VPN users Access to networked resources

Thank you very much. It worked !! Can you explain this command? I know it created a NAT exemption but I am clueless as to what it exactly means. Thanks !!!

244
Views
0
Helpful
4
Replies
CreatePlease login to create content