topic remote access vpn ip pool cannot access vlan in Network Security https://community.cisco.com/t5/network-security/remote-access-vpn-ip-pool-cannot-access-vlan/m-p/1183360#M877779 <P>we have an ip pool allocated on the firewall (ASA 5520) for remote access vpn. vpn users can access all internal resources with the exception of the following segments:</P><P></P><P>192.168.200.0\24</P><P></P><P>There are no ACL's on the vlan interface to block this traffic, the problem appears to be on the firewall. Here's all the nonatI have for the IP pool segment (10.20.50.0\24):</P><P></P><P>access-list inside_nat0_outbound extended permit ip 10.0.0.0 255.0.0.0 10.20.50.0 255.255.255.0</P><P>access-list inside_nat0_outbound extended permit ip 10.20.99.0 255.255.255.0 10.20.50.0 255.255.255.0</P><P>access-list inside_nat0_outbound extended permit ip any 10.20.50.0 255.255.255.0</P><P>access-list inside_nat0_outbound extended permit ip 192.168.4.0 255.255.255.0 10.20.50.0 255.255.255.0</P><P>access-list inside_nat0_outbound extended permit ip 192.168.200.0 255.255.255.0 10.20.50.0 255.255.255.0 </P><P></P><P>Again, the routing is not the problem.</P> Mon, 11 Mar 2019 14:35:50 GMT ronshuster 2019-03-11T14:35:50Z remote access vpn ip pool cannot access vlan https://community.cisco.com/t5/network-security/remote-access-vpn-ip-pool-cannot-access-vlan/m-p/1183360#M877779 <P>we have an ip pool allocated on the firewall (ASA 5520) for remote access vpn. vpn users can access all internal resources with the exception of the following segments:</P><P></P><P>192.168.200.0\24</P><P></P><P>There are no ACL's on the vlan interface to block this traffic, the problem appears to be on the firewall. Here's all the nonatI have for the IP pool segment (10.20.50.0\24):</P><P></P><P>access-list inside_nat0_outbound extended permit ip 10.0.0.0 255.0.0.0 10.20.50.0 255.255.255.0</P><P>access-list inside_nat0_outbound extended permit ip 10.20.99.0 255.255.255.0 10.20.50.0 255.255.255.0</P><P>access-list inside_nat0_outbound extended permit ip any 10.20.50.0 255.255.255.0</P><P>access-list inside_nat0_outbound extended permit ip 192.168.4.0 255.255.255.0 10.20.50.0 255.255.255.0</P><P>access-list inside_nat0_outbound extended permit ip 192.168.200.0 255.255.255.0 10.20.50.0 255.255.255.0 </P><P></P><P>Again, the routing is not the problem.</P> Mon, 11 Mar 2019 14:35:50 GMT https://community.cisco.com/t5/network-security/remote-access-vpn-ip-pool-cannot-access-vlan/m-p/1183360#M877779 ronshuster 2019-03-11T14:35:50Z Re: remote access vpn ip pool cannot access vlan https://community.cisco.com/t5/network-security/remote-access-vpn-ip-pool-cannot-access-vlan/m-p/1183361#M877780 <HTML><HEAD></HEAD><BODY><P>What does the asdm real time log tells you? </P><P></P><P>what interfaces in asa are these networks coming from? </P><P>10.20.99.0/24</P><P>192.168.4.0/24</P><P>192.168.200.0/24 </P><P></P><P>what are your ASA nat statements look like in reference to these nat exempt acls, posting sanatize config and some logs will help us in giving clues to what the problem could be. </P><P></P><P>Regards</P><P></P></BODY></HTML> Mon, 12 Jan 2009 23:44:35 GMT https://community.cisco.com/t5/network-security/remote-access-vpn-ip-pool-cannot-access-vlan/m-p/1183361#M877780 JORGE RODRIGUEZ 2009-01-12T23:44:35Z