VPN Access

j-baptistamartins · ‎12-15-2007

Hi all,

I have a problem I am configuring a pix 515e, and I want to configure a VPN (remote access) to access to my work network, but I have a problem i can connect to my internal network and use internet from my internal network.

But I can't access to any other resource for example (remote desktop).

I am using Cisco pix version 8.0(2) with ASDM 6.0.

Can anyone help me?

Alan Huseyin Kayahan · ‎12-15-2007

Hi Jose

Your VPN pool has a subnetmask of 255.0.0.0 but 255.255.255.240 is specified your exempt nat rule. Anyway I suggest you to change your VPN pool to different range since 10.0.0.0 255.0.0.0 overlaps your raccesspool. Also in order to keep local LAN connectivity of VPN client, apply split tunneling. Config that you should add is below

access-list split_T permit ip 10.0.0.0 255.0.0.0 172.16.10.0 255.255.255.0

access-list inside_nat0_outbound permit ip 10.0.0.0 255.0.0.0 172.16.10.0 255.255.255.0

no access-list inside_nat0_outbound extended permit ip any 10.00.240 255.255.255.240

ip local pool vpnpool 172.16.10.1-172.16.10.254 mask 255.255.255.0

tunnel-group raccess general-attributes

address-pool vpnpool

quit

group-policy raccess attributes

split-tunnel-network-list split_T

Regards

VPN Access

Catalyst SD-WAN : Generic SIGを用いたSecure AccessとのIPsec VPNの確立

Secure Access: How to

Secure Access: ZTA Private Access の3つの Enforcement Mode について

[Q&A 集公開] 10/16 開催 Catalyst SD-WAN と Secure Access 連携

Secure Access: Umbrella動作確認URLのSecure Accessでの使用