I have a Cisco ASA 5505 which is the default router (as in the diagram) and a newer router which is being used for mobile VPN exclusively. Eventually the Cisco ASA 5505 will be decommissioned and the VPN router will be the sole router, but for the time being I do not want to remove it.
The issue I'm having is communicating between the subnet used by VPN clients and LAN clients. If I set up a static route on the client PC there are no issues, i.e. the VPN and LAN clients can communicate as expected. I would rather not have to set up static routes on each LAN client, so I thought the Cisco ASA 5505 could do the routing instead.
I thought a static route on the ASA as below (configured via ASDM) would work.
Interface: LAN
IP Address and netmask: VPN Subnet
Gateway IP: LAN IP 2 (IP address of VPN router on the LAN)
I thought that would be sufficient, but it seems it isn't.
I added a NAT Exemption for the VPN subnet. Still no good. It seems there are some NAT issues, but I want it to be exempt... Not a Cisco expert, so I would rather use ASDM if possible.
Thanks,
LD