12-27-2011 09:49 AM - edited 03-11-2019 03:07 PM
Hello,
after upgrading an ASA 5520 to 8.4.2-8 VPN clients traffic is not passing destinations other then destinations behind the inside interface. the log shows routing failure for the vpn client on the inside interface.
it was working fine with 8.4.1 but the traffic is originated from the outside interface.
Can anybody confirm the the interface for VPN clients changed from outside to the inside interface.
thanks
Alex
Solved! Go to Solution.
12-27-2011 10:34 AM
Hello Alex,
Ok, step number one:
- On the Nat configuration for the VPN ( NO nat rule) please change the nat statement from any to any to nat (inside,outside)
Also add the route-lookup command at the end of the nat statement, so it should look like this
nat (inside,oudside) source static Local-lan Local-lan destination Other-site Other-site route-lookup.
Regards,
Please rate helpful posts
Julio
12-27-2011 09:57 AM
Hello Alex,
I think you are hitting bug ID CSCts89806, before confirming that, can you provide your VPN and nat configuration.
Regards,
Do please rate helpful posts.
Julio
12-27-2011 10:18 AM
12-27-2011 10:34 AM
Hello Alex,
Ok, step number one:
- On the Nat configuration for the VPN ( NO nat rule) please change the nat statement from any to any to nat (inside,outside)
Also add the route-lookup command at the end of the nat statement, so it should look like this
nat (inside,oudside) source static Local-lan Local-lan destination Other-site Other-site route-lookup.
Regards,
Please rate helpful posts
Julio
12-27-2011 03:35 PM
Hi Julio,
you were right, i reconfigured my NAT rules and it was working.
Thank you very much for your help.
regards
alex
12-27-2011 03:59 PM
Hello,
It is a pleasure to help.
Regards,
Julio
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide