Hi all, I seem to be having the same problem. I can connect my VPN client to the Cisco PIX, but I cannot access my internal IP ranges. My network is as follows:
I have one old IP range (192.168.1.0/24) connected without VLAN ID on the inside interface
I have one new infrastructure VLAN with the range of 172.16.100.0/24 and VLAN ID 100
I have one new Clients VLAN with the range of 172.16.101.0/24 and VLAN ID 101
I have a VPN pool in the range 172.16.102.0/24
If I connect, I get an IP address in the correct range (172.16.102.1). I can also see the secured routes showing up in my statistics screen. However, I am unable to ping, RDP or SMB any of my resources on either one of the local networks.
Maybe my problem is caused by the application of multiple IP ranges, but the answer to my problem might just answer his problem as well.
(In my case it is a PIX problem, but might be the same as with your ASA)