Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA 5520 without spli tunnel local LAN access

hi,

can any one help me i how can i set up asa vpn client to be able to access network 10.50.0.0 which is behind the asa (my vpn box) i am currently able to do vpn to this box but beyond cant do anything. Please see attached config

5 REPLIES
New Member

Re: ASA 5520 without spli tunnel local LAN access

Hello.

You need to NOT NAT traffic between these subnets.

this can be achieved by apply the following configuration.

access-list acl-nat-zero extended permit ip 10.50.0.0 255.255.0.0 10.11.11.0 255.255.255.0

nat (inside) 0 access-list acl-nat-zero

Hope this helps.

Tim

New Member

Re: ASA 5520 without spli tunnel local LAN access

i did exactly what you said but still it does not work. ????

New Member

Re: ASA 5520 without spli tunnel local LAN access

Hello.

Your routing

route inside 10.50.0.0 255.255.0.0 172.16.21.1 1

Does 172.16.21.1 know to route to the firewall 21.14 for the 10.11.11.0/24 network?

Tim

New Member

Re: ASA 5520 without spli tunnel local LAN access

Yes it does know it.

its configured for 10.11.11.0/24 is reachable via 172.16.21.14

when a user is connected on my asa via vpn, i can see tha when i do show route it shows below:

S 10.11.11.1 255.255.255.255 [1/0] via 80.227.175.225, outside

is this normal?

New Member

Re: ASA 5520 without spli tunnel local LAN access

I'd have to check.

121
Views
0
Helpful
5
Replies
CreatePlease to create content