Cisco Support Community

VPN Connection limited

Hey all!

I recently set up an SSL VPN to my work. I am able to hit the ASA and log in, but after I log in, I can't get to anything, such as internet or intranet, and programs will not connect up to our server. Any ideas?

1 REPLY

Re: VPN Connection limited

Could you post a sanitized config?

Basically, access from the SSL VPN network pool to the inside network and access to the internet entails a couple of basic statements.

For the SSL VPN pool network you have assigned, you need to permit the SSL VPN pool network and the inside network in your nat0 outbound access list bound to the nat (inside) 0 exempt statement.

For example:

say your ssl vpn pool network is 20.20.20.0/24

and your inside network is 30.30.30.0/24

you should have an access list as:

access-list inside_nat0_outbound extended permit ip 30.30.30.0 255.255.255.0 20.20.20.0 255.255.255.0

the same principle applies if you have any other different inside network numbers other than 30.30.30.0/24 ..

your nat exempt statement would be:

nat (inside) 0 access-list inside_nat0_outbound

for ssl vpn network internet access you would need:

nat (outside) 1 20.20.20.0 255.255.255.0

The 1 would be the global pool ID, which normally is your outside interface, and 20.20.20.0 the SSL VPN network.

Additionally, you may also need the statement:

same-security-traffic permit intra-interface

in order to allow SSL VPN pool internet traffic to get out the same interface the SSL VPN client connected in on.

Rgds

-Jorge
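
The statements listed in the reply above can be checked against a sanitized config with a short script. This is an added example, not part of the original post or any Cisco tooling; the names `check_vpn_nat` and `_net` and the sample config are constructed here, and it assumes the statements are written in the same form as in the reply.

```python
import ipaddress
import re

# Constructed sample config, using the example networks from the reply above.
SAMPLE_CONFIG = """\
access-list inside_nat0_outbound extended permit ip 30.30.30.0 255.255.255.0 20.20.20.0 255.255.255.0
nat (inside) 0 access-list inside_nat0_outbound
nat (outside) 1 20.20.20.0 255.255.255.0
same-security-traffic permit intra-interface
"""

def _net(addr, mask):
    try:
        return ipaddress.ip_network(f"{addr}/{mask}")
    except ValueError:
        return None  # "host"/"any"/object forms are not handled in this sketch

def check_vpn_nat(config, inside, pool):
    """Return the statements from the reply that are missing from config."""
    inside, pool = ipaddress.ip_network(inside), ipaddress.ip_network(pool)
    lines = [l.strip() for l in config.splitlines() if l.strip()]
    missing = []

    # 1. nat (inside) 0 must be bound to an ACL that permits inside -> pool.
    exempt_acls = {m.group(1) for l in lines
                   if (m := re.fullmatch(r"nat \(inside\) 0 access-list (\S+)", l))}
    acl_re = re.compile(r"access-list (\S+) extended permit ip (\S+) (\S+) (\S+) (\S+)")
    covered = any(
        m.group(1) in exempt_acls
        and _net(m.group(2), m.group(3)) == inside
        and _net(m.group(4), m.group(5)) == pool
        for l in lines if (m := acl_re.fullmatch(l)))
    if not covered:
        missing.append("nat exemption (inside -> pool)")

    # 2. nat (outside) <id> <pool> <mask> gives the pool internet access.
    nat_out = re.compile(r"nat \(outside\) \d+ (\S+) (\S+)")
    if not any(_net(m.group(1), m.group(2)) == pool
               for l in lines if (m := nat_out.fullmatch(l))):
        missing.append("nat (outside) for pool")

    # 3. Lets pool traffic leave via the interface the client connected in on.
    if "same-security-traffic permit intra-interface" not in lines:
        missing.append("same-security-traffic permit intra-interface")
    return missing
```

An ACL that exists but is not bound to `nat (inside) 0` is reported as a missing exemption, which matches the symptom in the question: login succeeds but nothing behind the ASA is reachable.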
