Hi All, I'm trying to give my remote AnyConnect users access to a network that is connected via an IPsec tunnel (ASA 5510 IPsec) from our main LAN.
AnyConnect VPN user----->ASA 5510 Local-LAN ----->IPsec tunnel ----->ASA 5510 Remote-LAN
AnyConnect user accesses this ------------------------------------------------------------------------------------> ASA 5510 Remote-LAN
AnyConnect IP pool 192.168.117.0/24
Local-LAN IP 192.168.112.0/24
Remote-LAN IP 192.168.133.0/24
I have in my config:
! Remote-LAN IP
access-list Split-Tunnel standard permit 192.168.133.0 255.255.255.0
object network RESI_ANYCONNECT
 subnet 192.168.117.0 255.255.255.0
object network IPSEC-HOSTS
 subnet 192.168.133.0 255.255.255.0
nat (outside,outside) source static IPSEC-HOSTS IPSEC-HOSTS destination static RESI_ANYCONNECT RESI_ANYCONNECT
same-security-traffic permit intra-interface
Cheers for any suggestions
ASA has 8.4(4)