Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

VPN: Fulltunnel doesn't allow access on internet

Hi group!

We have a Asa 5505 in our rack.

I want to connect our office via vpn to our Asa. It should be a fulltunnel, because in our office many ports are blocked by our provider and I want to use our rack-public-interface and therethore a split-tunnel is not really good.

But if I build up a fulltunnel I have no connection to the gateway. Servers in the rack (inside) can access outside.

I attach our config. Thanks in advantage!

Gerd

1 ACCEPTED SOLUTION

Accepted Solutions

Re: VPN: Fulltunnel doesn't allow access on internet

Could not read properly your config, could you re-attach config in a legible format, but I see your vpn pool is 192.168.0.0/24.

For RA internet access in fulltunnel you need two statements, try adding these two statements and let us know how it works out.

same-security-traffic permit intra-interface

nat (outsisde) 1 192.168.0.0 255.255.255.0

Rgds

-Jorge

3 REPLIES

Re: VPN: Fulltunnel doesn't allow access on internet

Could not read properly your config, could you re-attach config in a legible format, but I see your vpn pool is 192.168.0.0/24.

For RA internet access in fulltunnel you need two statements, try adding these two statements and let us know how it works out.

same-security-traffic permit intra-interface

nat (outsisde) 1 192.168.0.0 255.255.255.0

Rgds

-Jorge

New Member

Re: VPN: Fulltunnel doesn't allow access on internet

Thats it - pefect!

A permit rule for outgoing traffic was missing, but this was no problem.

Re: VPN: Fulltunnel doesn't allow access on internet

Glad all worked out, thanks for the rating.

Bst Rgds

-Jorge

117
Views
0
Helpful
3
Replies
CreatePlease to create content