cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to Cisco Firewalls Community


496
Views
0
Helpful
2
Replies
Beginner

Routing from vpn IP pool to inside zone

Hello everyone,

How can I create a routing from VPN IP pool to inside zone? Right now I have VPN on 10.0.100.1 /24 and my inside network on 10.0.50.1/24 how I can allow access to the inside zone from vpn ip pool?

Many thanks.

Everyone's tags (1)
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Cisco Employee

Hi Mat,

Hi Mat,

You can create a nat-exempt rule on the ASA.

object network obj-internal   

subnet 10.0.50.0 255.255.255.0

object-network obj-pool

subnet 10.0.100.0 255.255.255.0

You need to create a manual NAT statement like this:

nat (inside,outside) source static obj-internal obj-internal destination static obj-pool obj-pool no-proxy-arp route-lookup

This would be enough to access the internal resources.

Regards,

Aditya

Please rate helpful posts.

View solution in original post

2 REPLIES 2
Beginner

Hi MediaNetMat,

Hi MediaNetMat,

it depends whether your VPN pool/traffic is bypassed your interface access lists or not.
You can check that under configuration > Remote Access VPN > Network (Client) Access > AnyConnect Connection Profiles

If it bypassed you can manage that with split-tunneling (under Group Policies) to define whether the traffic is going in the tunnel or not.
If it is not bypassed you also have to check your ruleset (the rules for "Incoming WAN Interface).

Hope this will help you

Highlighted
Cisco Employee

Hi Mat,

Hi Mat,

You can create a nat-exempt rule on the ASA.

object network obj-internal   

subnet 10.0.50.0 255.255.255.0

object-network obj-pool

subnet 10.0.100.0 255.255.255.0

You need to create a manual NAT statement like this:

nat (inside,outside) source static obj-internal obj-internal destination static obj-pool obj-pool no-proxy-arp route-lookup

This would be enough to access the internal resources.

Regards,

Aditya

Please rate helpful posts.

View solution in original post

CreatePlease to create content
Content for Community-Ad
FusionCharts will render here