Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Route Internet Traffic through a RA IPSec VPN Tunnel

Armed with an ASA 5505 Security Plus, I have setup IPSec VPN for RA. The VPN IP Address pool is in the 192.168.2.0/28 network.

The Lan is 192.168.1.0/24 with the inside interface at .254.

The VPN works fine. What I would like to do is route all internet traffic through the Firewall when users are connected to the VPN. I have set the default tunnel gateway to 192.168.1.254, but I am having no luck getting this to work.

Any ideas?

Thanks in advance!

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Route Internet Traffic through a RA IPSec VPN Tunnel

Are you just going to route the internet traffic from the remote vpn client towards the ASA and straight back out to the internet?

If the above statement is correct, you don't need to configure the tunnel default gateway.

But you need to configure NAT for the ip pool so they can go out to the internet, as well as the "same-security-traffic" command as follows:

nat (outside) 1 192.168.2.0 255.255.255.0

same-security-traffic permit intra-interface

Also, assuming you do not have split tunnel configured.

1 REPLY
Cisco Employee

Re: Route Internet Traffic through a RA IPSec VPN Tunnel

Are you just going to route the internet traffic from the remote vpn client towards the ASA and straight back out to the internet?

If the above statement is correct, you don't need to configure the tunnel default gateway.

But you need to configure NAT for the ip pool so they can go out to the internet, as well as the "same-security-traffic" command as follows:

nat (outside) 1 192.168.2.0 255.255.255.0

same-security-traffic permit intra-interface

Also, assuming you do not have split tunnel configured.

378
Views
0
Helpful
1
Replies