03-20-2006 11:26 PM - edited 02-21-2020 02:19 PM
Hi ALL
I have configure remote access VPN on my ASA 5510
Below are my configuration
isakmp policy 1 authentication pre-share
isakmp policy 1 encryption 3des
isakmp policy 1 hash sha
isakmp policy 1 group 2
isakmp policy 1 lifetime 43200
isakmp enable outside
ip local pool vpnpool 192.168.4.10-192.168.4.245
username test password test
crypto ipsec transform set FirstSet esp-3des esp-md5-hmac
tunnel-group nslgroup type ipsec-ra
tunnel-group nslgroup general-attributes
address-pool vpnpool
tunnel-group nslgroup ipsec-attributes
pre-shared-key test
crypto dynamic-map dyn1 1 set transform-set nslSet
crypto dynamic-map dyn1 1 set reverse-route
crypto map mymap 1 ipsec-isakmp dynamic dyn1
crypto map mymap interface outside
After i connected successfully I look at my VPN adapter configuration under IPconfig/all and this is what i got
IP address 192.168.4.10
subnet 255.255.255.0
gateway 192.168.4.10
I have no issue connecting my cisco VPN client from outside, No problem with the user authentication as well. But i am facing a issue when I try to ping any internal servers i am not getting a respone at all.
Appreciate if u guys can help me around with this
Thank you
03-21-2006 12:15 AM
Enable NAT-T for ISAKMP, in config mode:
isakmp nat-traversal
Hope this helps let me know how you get on and please rate post if it helps.
Jay
03-21-2006 12:53 AM
Hi Jay
Thank you for your reply
this is the command below i use to get it working
access-list nonat permit ip internal_network/mask ip_local_pool/mask
nat (inside) 0 access-list nonat
03-21-2006 12:59 AM
Glad to hear all is working, you didn't show all of your config on the original post so I presumed that you already had the nat 0 and acl setup!!
Anyway well done, :)
03-23-2006 05:22 PM
Thank Pal!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide