Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Trying to set up VPN Client with Hairpinning on ASA5510

Hi,

I am trying to set up our ASA5510 so users can connect to our work LAN and browse the Internet as well.

I've followed the Cisco guide, I connect and I'm given a 192.168.10.x address as needed but I can not connect to anything on our 10.0.0.0/24 work network nor surf the Internet.

Could someone please check my config and see what is wrong, there is also a L2L vpn on here to a 192.168.3.0 network but that works without issues

Many Thanks,

Chris

1 ACCEPTED SOLUTION

Accepted Solutions
Silver

Re: Trying to set up VPN Client with Hairpinning on ASA5510

Hello Chris,

Add following access-list statement.

access-list INSIDE_nat0_outbound extended permit ip 10.0.0.0 255.255.255.0 192.168.10.0 255.255.255.0

And for hairpinning the internet traffic add following command:

same-security-traffic permit intra-interface

Check and post results.

HTH

Saju

pls rate helpful posts

3 REPLIES
New Member

Re: Trying to set up VPN Client with Hairpinning on ASA5510

.

Silver

Re: Trying to set up VPN Client with Hairpinning on ASA5510

Hello Chris,

Add following access-list statement.

access-list INSIDE_nat0_outbound extended permit ip 10.0.0.0 255.255.255.0 192.168.10.0 255.255.255.0

And for hairpinning the internet traffic add following command:

same-security-traffic permit intra-interface

Check and post results.

HTH

Saju

pls rate helpful posts

New Member

Re: Trying to set up VPN Client with Hairpinning on ASA5510

Thanks for your help, I already had "same-security-traffic permit intra-interface" but adding the access-list did the trick!

Thanks again

Chris

143
Views
5
Helpful
3
Replies