Solved: Re: vpn issues

carlo-tail · ‎07-11-2008

Hi,

I've bought an ASA5505 and I'm setting it up as a firewall and vpn server.

After many tries my vpn client connected to the server, but now i can't access to my 'inside' network either to the internet...

What's wrong with my config?

My router (192.168.1.254) is linked to eth0 and my vpn client (192.168.1.10 - assigned by dhcp) is connected to eth7...

Ps: if you have any suggestion to improve my network security feel free to suggest ^_^

(Sorry but this is the first time that I set-up a vpn, so I'm deeply ignorant about this)

a.alekseev · ‎07-11-2008

access-list NO-NAT permit ip any 192.168.10.0 255.255.255.0

nat (inside) 0 access-list NO-NAT

access-list SPLIT-T standard permit 192.168.0.0 255.255.255.0

group-policy Tailoradio attributes

split-tunnel-policy tunnelspecified

split-tunnel-network-list value SPLIT-T

no crypto dynamic-map outside_dyn_map 20 set nat-t-disable

no crypto map inside_map interface inside

no crypto isakmp enable inside

crypto isakmp nat-traversal

carlo-tail · ‎07-11-2008

This is the right configuration file

a.alekseev · ‎07-11-2008

access-list NO-NAT permit ip any 192.168.10.0 255.255.255.0

nat (inside) 0 access-list NO-NAT

access-list SPLIT-T standard permit 192.168.0.0 255.255.255.0

group-policy Tailoradio attributes

split-tunnel-policy tunnelspecified

split-tunnel-network-list value SPLIT-T

no crypto dynamic-map outside_dyn_map 20 set nat-t-disable

no crypto map inside_map interface inside

no crypto isakmp enable inside

crypto isakmp nat-traversal

carlo-tail · ‎07-11-2008

Perfect, now it's working! ^_^

Is there any way to propagate local lan hostnames to the vpn client?

a.alekseev · ‎07-11-2008

Nice to hear

You can propagate WINS, and DNS servers for the client.

[Pls RATE if HELPS]