We have servers protected by an ASA firewall.
The server IP range is 220.127.116.11/22; we use Cisco VPN (split tunneling) and the Cisco VPN client to manage the servers.
When we connect to the VPN we can only access the 18.104.22.168/24 range; the other ranges can't be accessed.
The route details in the Cisco VPN client show 22.214.171.124/22, but we can't access the other subnets (126.96.36.199 and 188.8.131.52).
I have checked: servers on the two subnets can reach the IP assigned to the VPN client machine.
It looks like a firewall rule is blocking.
First of all, I need to know if your network environment 184.108.40.206/22 is behind an L3 device before the ASA inside interface. If yes, you need to have the following static route:
! next hop "18.104.22.168" is the L3 device interface
route INSIDE 220.127.116.11 255.255.252.0 18.104.22.168
After that, you need to take a look at your NAT0:
===> No Nat <===
! 192.168.1.0 255.255.255.0 is an example VPN address pool
access-list VPN_NONAT extended permit ip 22.214.171.124 255.255.252.0 192.168.1.0 255.255.255.0
nat (INSIDE) 0 access-list VPN_NONAT
Fabio Jorge Amorim
Thanks for the reply.
Please find the attached setup diagram at the top of this discussion.
I have checked the configuration.
I am a bit confused about routing.
Please find the output:
Result of the command: "show run | in pool"
ip local pool new-vpn-pool 126.96.36.199-188.8.131.52 mask 255.255.252.0