vpn routing problem

hello!

i recently configured on a cisco asa 5520 remote access using ipsec.

the remote client uses cisco vpn client.

the vpn client successfully authenticates and connects to the asa, however i don't have access to the lan. this is the first time that i configure cisco vpn on an asa.

for one, because the lan subnet and the internal ip of the asa are different, i'm not sure which ip would be the most appropriate to assign the vpn client. secondly, i've read on other posts here about the nonat command and its involvement with the acl, but i'm not clear on it. i'm attaching my running config as to give a better understanding... thanks a lot in advance!!


acomiskey
Level 10

Use a pool which is different than your lan subnet.

For example, if your pool is 192.168.x.0 255.255.255.0

then you will need...

access-list nonat extended permit ip any 192.168.x.0 255.255.255.0

nat (inside) 0 access-list nonat

Also add..

crypto isakmp nat-traversal
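
An added example, not part of the thread or of the reply above: a Python check that a pre-8.3 ASA running-config satisfies the three points in the reply (pool outside the inside subnet, a `nat (inside) 0` exemption whose ACL covers the pool, NAT traversal enabled). The sample config, its addresses, the pool name `VPNPOOL` and the function names `net` and `audit` are constructed for illustration, and the pool line is assumed to carry an explicit `mask`.

```python
import ipaddress
import re

# Constructed sample running-config (pre-8.3 NAT syntax, as in the reply).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 nameif inside
 ip address 10.10.10.1 255.255.255.0
ip local pool VPNPOOL 192.168.50.10-192.168.50.50 mask 255.255.255.0
access-list nonat extended permit ip any 192.168.50.0 255.255.255.0
nat (inside) 0 access-list nonat
crypto isakmp nat-traversal
"""

def net(addr, mask):
    """Network containing addr under the given dotted netmask."""
    return ipaddress.ip_network(f"{addr}/{mask}", strict=False)

def audit(config):
    """Return a list of findings; an empty list means all three checks pass."""
    findings = []
    inside = re.search(
        r"nameif inside\n(?:[ \t].*\n)*?[ \t]+ip address (\S+) (\S+)", config)
    pool = re.search(
        r"^ip local pool \S+ ([\d.]+)-[\d.]+ mask (\S+)", config, re.M)
    if not inside or not pool:
        return ["inside interface or ip local pool not found"]
    inside_net, pool_net = net(*inside.groups()), net(*pool.groups())
    if inside_net.overlaps(pool_net):
        findings.append(f"pool {pool_net} overlaps inside network {inside_net}")
    # ACL names bound to NAT exemption (nat 0) on the inside interface
    exempt_acls = re.findall(
        r"^nat \(inside\) 0 access-list (\S+)", config, re.M)
    covered = False
    for name in exempt_acls:
        pat = (rf"^access-list {re.escape(name)} extended permit ip "
               r"(?:any|\S+ \S+) ([\d.]+) ([\d.]+)$")
        for dst, mask in re.findall(pat, config, re.M):
            if pool_net.subnet_of(net(dst, mask)):
                covered = True
    if not covered:
        findings.append(f"no NAT exemption covers pool {pool_net}")
    if not re.search(r"^crypto isakmp nat-traversal", config, re.M):
        findings.append("crypto isakmp nat-traversal missing")
    return findings
```

Calling `audit()` on the text of a saved `show running-config` returns one finding per failed check.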