08-09-2019 04:04 AM
Hello All.
I have an ASA 5506 and i have 2 problems with my VPN.
1- when i make a split tunnel it works and i get access to the internet but i can't access my local network.
2- if im not using a split tunnel i can access my local network except one Subnet For example:
Servers Subnet:172.16.11.0/24
CCTV Subnet:172.16.18.0/24
i can access the Servers Subnet but i can't do the same with CCTV Subnet.
Can anyone help me with this??
Thanks in advance.
08-09-2019 08:07 AM
Can you please share the config of your ASA
08-10-2019 04:51 PM
Create a split tunnel that includes only the networks you wish to access. The access list referenced by the split tunnel command should encompass both subnets 172.16.11.0/24 and 172.16.18.0/24. Ensure the subnets are reachable from the ASA.
ciscoasa(config)#access-list Split_Tunnel_List remark The corporate network behind the ASA. ciscoasa(config)#access-list Split_Tunnel_List standard permit 10.0.1.0 255.255.255.0
ciscoasa(config)#group-policy hillvalleyvpn attributes ciscoasa(config-group-policy)#
ciscoasa(config-group-policy)#split-tunnel-policy tunnelspecified
ciscoasa(config-group-policy)#split-tunnel-network-list value Split_Tunnel_List
ciscoasa(config-tunnel-ipsec)# default-group-policy hillvalleyvpn general-attributes
ciscoasa(config-tunnel-ipsec)# default-group-policy hillvalleyvpn
ASA/PIX: Allow Split Tunneling for VPN Clients on the ASA Configuration Example
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: