Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Cisco VPN client on ASA

I understand the basics of setting up VPN client on PIX or ASA but could someone tell me how the pool addresses (ie 192.168.1.x) then interact with say the LAN addresses behind the firewall (ie 10.1.1.x)?

I assume the firewall takes care of all the routing between the distinct networks? I'm just not sure which part of the config would relate to this?

3 REPLIES
Community Member

Re: Cisco VPN client on ASA

The pool address should be distinct from the LAN but routable from it. On the ASA 8.0 you don't even have to configure a loopback address (in IOS you have to).

For example if you use 192.168.1.x/24 on the inside, create a new subnet 192.168.3.x/24 just for the vpn pool and make sure that you advertise that network from the firewall or router connected to it so internal nodes can access it.

Hope that helps.

Community Member

Re: Cisco VPN client on ASA

if the ASA was also the default gateway for any internal nodes i assume they would be able to route back to the VPN pool anyway as they default gateway-ed through the ASA?

Community Member

Re: Cisco VPN client on ASA

Yes you are correct. Think of this as another network that is attached to that ASA but it's attached virtually.

208
Views
3
Helpful
3
Replies
CreatePlease to create content