Solved: Access to External Network while connected to VPN

twebb · ‎11-14-2007

I have a 5505 that I've successfully setup an IPSEC connection up to. It is using NT authentication against Active Directory to authenticate. After I connect, I can access everything on the remote (internal) network. I can not access anything on the internet.

Anything behind the ASA can get to the internet, it's the vpn clients that can't get back out.

The syslog messages show the vpn clients buiding up and tearing down ICMP connections if they are trying to ping externally, but they get no response.

I know it's most likely an ACL or NAT statement that I'm missing, any ideas?

config attacched

acomiskey · ‎11-14-2007

You have 2 options.

Split tunneling, unencrypted access to internet.

Public internet on a stick, internet traffic is tunneled to outside of ASA and back out.

same-security-traffic permit intra-interface

global (outside) 1 interface

nat (outside) 1

View solution in original post

acomiskey · ‎11-14-2007

You have 2 options.

Split tunneling, unencrypted access to internet.

Public internet on a stick, internet traffic is tunneled to outside of ASA and back out.

same-security-traffic permit intra-interface

global (outside) 1 interface

nat (outside) 1

twebb · ‎11-14-2007

acomisky,

Thanks a lot for your help. I knew that split-tunneling would allow it to work but I was trying to avoid that (I should of added that that in the original post). Thanks again for the second method, as it is exactly what I was looking for.

Tyler