10-02-2017 07:25 AM - edited 03-12-2019 04:35 AM
So I am setting up a brand new VPN for my users on my ASA 5525 using ASDM 7.6(1). I walked through the wizard to set up the system so my users can connect via AnyConnect. I installed the certs, set up RADIUS for authentication, etc... no issues. I connected and authenticated and instantly I lost all Internet access and I could not access my LAN. I did read some articles about NAT and ACL setup, but I did not understand them well enough to be able to implement the solution to my system. I'd have thought the "Wizard" would have helped configure the VPN so my users could access my LAN.
Anyway, my address pool is 10.254.254.0/24 for the VPN users. I need them to access my inside VLAN object 10.10.1.2 (inside router) which will know how to route them once they are inside the network.
I don't even know what part of the config to provide, I'm guessing that it has to do with the NAT and/or ACL on my ASA, but I don't know what to do. Any help would be greatly appreciated.
10-03-2017 02:22 PM
I was too quick to say this issue was resolved. I'm still not able to see the inside network. I can authenticate to the VPN, and now I can browse the Internet while connected (unlike before) but I still cannot see the inside network. I've made sure my Web security appliance (sitting between the ASA and my Core switches) allows for 10.254.254.0/24 traffic, but I'm not even sure if that's needed by the time VPN traffic gets behind the inside interface. Something is stopping VPN traffic from coming in the inside interface and entering the LAN. What could it be?