cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
463
Views
0
Helpful
1
Replies

ASA 5520 Remote VPN and NAT

hashknife
Level 1
Level 1

I have a situation that may be solvable via NAT, but I'm not sure. I'm not as familiar with

the ASA 5520 8.0 as I'd like to be.

Preface:

ASA 5520 with IOS version 8.0 (can't upgrade because of RAM)

VPN accessed on a public address

VPN is setup and so that when clients connect, they're assigned a private IP address

from a pool range: 192.168.253.0/248.

Using Cisco AnyConnect VPN client

This works accessing all remote publicly addressed networks.

Client side cannot access remote privately addressed network (192.168.252.0/24).

Client side treats remote private address as a local route and will not go through the VPN.

I need to access 5 remote devices in this remote private address space via the VPN.

The privately addressed network sits on the same switch as the public networks and they all use

the same inside gateway, the the ASA 5520's Inside interface.

I'm unfamiliar with syntax of the NAT and ACL commands on the ASA 5520.

Questions:

If I use an unassigned public address space, can I NAT using

these public addresses to this private network on the ASA 5520 side?

If so, what commands/ subcommands and caveats do I need to know?

Will I need to set up a separate VPN policy on the ASA 5520?

If, so what would I need to setup?

I've tried to find a good command reference, but can't find what I want.

Do you all have any links I could try?

Thank you all very much for your time.

Regards,

Bryant C Mothershed

(just an old cowboy that wound up in IT...)

1 Reply 1

hashknife
Level 1
Level 1

Please disregard this question. I was completely off base with my thinking. It turned out to be a simple problem with the the remote access split tunnel ACL.

Sorry for the inconvenience, folks.

Thank you all very much for your time.

Regards,

Bryant C Mothershed

(just an old cowboy that wound up in IT...)

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: