12-21-2012 05:14 AM
Dear all,
We have servers protected by an ASA firewall.
The server IP range is 2.2.1.0/22; we use Cisco VPN (split tunneling) and the Cisco VPN client to manage the servers.
When we connect the VPN we can only access the 2.2.1.0/24 range, other range can accessible.
Route details in the Cisco VPN client show 2.2.1.0/22, but we can't access the other subnets (2.2.2.0 and 2.2.3.0).
Please help
Regards
vikas kumar
12-31-2012 04:25 PM
Vikas, try to do this. This host is between your supernet /22 connected direct on ASA.
access-list VPN_NONAT extended permit ip 2.2.1.0 255.255.252.0 host 2.2.2.8
!
nat (INSIDE) 0 access-list VPN_NONAT
Good luck
If you feel comfortable, please send me the configuration by e-mail or private message.
Cheers
Fabio
01-01-2013 12:04 PM
Dear Fabio
I have sent the config by private message.
Thanks, with regards
vikas kumar
01-08-2013 09:55 PM
Maybe your split-tunnel ACL should be like this?:
access-list VPN_splitTunnelAcl standard permit 2.2.0.0 255.255.252.0
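Added example, not part of any post in this thread: a Python check of the address/mask pairs in the two ACL lines quoted above, reporting whether each address sits on its mask's boundary, the network the pair normalises to, and which of the server /24s fall inside it. The function names and the `SERVER_SUBNETS` list are assumptions made for the example.

```python
import ipaddress

# ACL lines quoted in the thread.
ACL_LINES = [
    "access-list VPN_NONAT extended permit ip 2.2.1.0 255.255.252.0 host 2.2.2.8",
    "access-list VPN_splitTunnelAcl standard permit 2.2.0.0 255.255.252.0",
]
# /24s the original poster mentions (assumed list for this example).
SERVER_SUBNETS = ["2.2.1.0/24", "2.2.2.0/24", "2.2.3.0/24"]


def is_ipv4(token):
    try:
        ipaddress.IPv4Address(token)
        return True
    except ValueError:
        return False


def extract_networks(acl_line):
    """Return (address, mask) pairs from 'A.B.C.D M.M.M.M' and 'host A.B.C.D' terms."""
    tokens, pairs, i = acl_line.split(), [], 0
    while i < len(tokens):
        nxt = tokens[i + 1] if i + 1 < len(tokens) else ""
        if tokens[i] == "host" and is_ipv4(nxt):
            pairs.append((nxt, "255.255.255.255"))
            i += 2
        elif is_ipv4(tokens[i]) and is_ipv4(nxt):
            pairs.append((tokens[i], nxt))
            i += 2
        else:
            i += 1
    return pairs


def audit(address, mask):
    """Report whether address sits on the mask's boundary and which server /24s it covers."""
    net = ipaddress.IPv4Network(f"{address}/{mask}", strict=False)
    return {
        "aligned": ipaddress.IPv4Address(address) == net.network_address,
        "network": str(net),
        "covers": [s for s in SERVER_SUBNETS if ipaddress.IPv4Network(s).subnet_of(net)],
    }


if __name__ == "__main__":
    for line in ACL_LINES:
        for address, mask in extract_networks(line):
            print(address, mask, audit(address, mask))
```

The first pair (2.2.1.0 with mask 255.255.252.0) is reported as not aligned, with 2.2.0.0/22 as the network on the mask's boundary.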
01-01-2013 01:49 PM
I would suggest using a different subnet for the VPN pool, and try using the packet-tracer command to check where it is being blocked in the firewall.
You can also paste the output of the command here for us to analyze, if required.
01-09-2013 06:51 AM
If you wish, you could put your NAT config and tunnel configuration here to read it, and with this we might help you better.