I have just set up an IPSEC Remote Access VPN. I can log in from the client with no problem. I receive an IP address from a separate Pool than my Inside network DHCP Pool. I desire to browse everything inside my (inside Interface) network whenever I log into a session using the Cisco VPN software from home. My current config is below. This is a lab. Thanks.
I'm not sure if this is your only issue, but you're missing a nat exemption rule so that return traffic from your internal lan destined for your vpn pool doesn't get natted, so you'll need something similar to this:
access-list nonat permit ip 192.168.3.0 255.255.255.0 192.168.75.0 255.255.255.0
I did what you said and it did not work. I have noticed that the sent traffic was encrypted, but there was no returned decrypted traffic. It seems as if traffic leaves the software client going to the inside interface of the ASA but not returning. Should there be a route or ACL in place to make the inside network browsable from the laptop software VPN client? Thanks.
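Added example, not part of any post in this thread: on an ASA the `nonat` ACL from the reply only selects traffic, and the exemption takes effect once a NAT rule references it. The fragment shows that binding in pre-8.3 syntax beside the 8.3+ equivalent, then two checks. It assumes interfaces named `inside` and `outside`, and takes 192.168.3.0/24 as the inside LAN and 192.168.75.0/24 as the VPN pool from the reply's ACL; the object names and the two host addresses are constructed.

```cisco
! --- ASA before 8.3: exemption ACL plus the NAT 0 rule that applies it ---
! (source = inside LAN, destination = VPN client pool)
access-list nonat extended permit ip 192.168.3.0 255.255.255.0 192.168.75.0 255.255.255.0
nat (inside) 0 access-list nonat

! --- ASA 8.3 and later: the same exemption as an identity twice-NAT rule ---
! INSIDE-LAN and VPN-POOL are hypothetical object names
object network INSIDE-LAN
 subnet 192.168.3.0 255.255.255.0
object network VPN-POOL
 subnet 192.168.75.0 255.255.255.0
nat (inside,outside) source static INSIDE-LAN INSIDE-LAN destination static VPN-POOL VPN-POOL

! --- Checks, run from privileged EXEC while a client is connected ---
! Per-SA counters: "pkts encaps" should rise alongside "pkts decaps"
! once return traffic is being encrypted back to the client
show crypto ipsec sa

! Simulate a reply from an inside host to a VPN client and read which
! NAT rule and which VPN phase the packet hits
! (192.168.3.10 and 192.168.75.10 are constructed sample hosts)
packet-tracer input inside icmp 192.168.3.10 0 0 192.168.75.10 detailed
```

Inside hosts also need a route for 192.168.75.0/24 that points back at the ASA; if their default gateway is another device, replies never reach the tunnel regardless of the NAT rule.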