06-03-2015 07:39 AM
I have an ASA5505 version 9.0(3). I want to hairpin traffic destined for the internet for my VPN clients. The clients come in the same interface that they will need to go out for internet access. I have already seen the same-security-traffic permit intra-interface command and have tried this and still nothing. VPN clients are able to connect just fine and access all internal resources they are just unable to access the internet after connecting. Help.
Solved! Go to Solution.
06-03-2015 08:33 AM
Please refer to the configuration in this TAC document.
One key point you need is a NAT rule (outside,outside) for the VPN pool.
06-03-2015 08:33 AM
Please refer to the configuration in this TAC document.
One key point you need is a NAT rule (outside,outside) for the VPN pool.
06-03-2015 09:01 AM
That was it. Thanks Marvin!!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide