06-24-2007 10:41 PM - edited 03-11-2019 03:34 AM
Hi All,
I created a remote access VPN on my ASA through ASDM. The internal LAN in 192.168.14.x; the remote access pool uses 10.254.14.x; my vpn client logs in normally, but once in, i am not able to reach 192.168.14.x; any tips?
06-25-2007 02:52 AM
Hi,
it can be you have not configured access-list nonat,ex. access-list nonat perm ip 10.254.14.0 255.255.255.0 10.254.14.0 255.255.255.0
and command nat (inside) 0 access-list nonat
HtH
Zdenek
06-25-2007 02:55 AM
Sorry fot the mistake,
access-list shall be access-list nonat perm ip 192.168.14.0 255.255.255.0 10.254.14.0 255.255.255.0
06-25-2007 03:29 AM
Hi .. please check:
1.- That your routing is correct. The segment 192.168.14.x should know how to get back to 10.254.14.X. those returned packets need to reach the inside interface of the ASA.
2.- You might need to enable NAT-T whiach is not enabled by default. The command is
crypto isakmp nat-traversal 20
I hope it helps .. please rate it if it does !!!
06-25-2007 03:35 AM
Hi guys,
it turned out i needed to add the following to the inside access-list:
access-list inside_acl extended permit ip any 10.254.14.0 255.255.255.0
when applied, i could get responses from 192.168.14.x machines.
thank you for your contributions.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: