Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

strange asa problem

Hi,

I have the situation in the attachment.

I've set up a remote access vpn for client 2 to access some networks behind R1 and R2. There is no NAT involved. The network uses OSPF. The routes are injected into OSPF using RRI. I've activated the same-security-traffic permit intra-interface to allow traffic to R2 also.

All is fine, all routers learn the new route but the trouble is that I can only access hosts behind R1. A traceroute from behind R2 dies in ASA. A traceroute from the vpn client doesn't even leave ASA.

To make a test I made another vpn connection profile for the inside interface and tested it with the client 1. This client is able to access all hosts, both behind R1 and R2.

What am I missing?

Thanks.

BR,

Gabriel Gearip

3 REPLIES
New Member

Re: strange asa problem

Any ideea?

Green

Re: strange asa problem

Could you post a config?

Does it work if you add...

global (outside) 1 interface

nat (outside) 1

New Member

Re: strange asa problem

Yes, it works but I don't want to nat the vpn clients; also only the clients will be able to communicate with the outside world.

I will post a config on Monday when I'll get to work.

Thanks.

BR,

Gabriel Gearip

128
Views
0
Helpful
3
Replies