[Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 445
  • Last Modified:

Setting up Cisco ASA 5510 for SSL VPN woes

I have gone through the steps provided by Cisco to setup an SSL VPN for use with the Any Connect client. The VPN connection establishes fine and the client receives the correct IP address, however it cannot ping or reach any of the clients on the network. Is there a step I may had forgotten?

Steps I followed: http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008071c428.shtml
0
ICG
Asked:
ICG
  • 2
1 Solution
 
jmeggersCommented:
What version of code are you running on the ASA?  It's most likely a NAT issue.
0
 
ICGAuthor Commented:
I was assuming it was a NAT or ACL issue as well. It's ASA version 8.2.4.
0
 
ICGAuthor Commented:
I believe I am lacking the NAT exemption rules. Our address pool is 192.168.10.0 /24. The address pool assigned to the vpn clients is 192.168.10.30-35. How should the exemption rule look?
0
 
gavvingCommented:
Check to see if you have a 'nat (inside) 0 access-list blahblah' command.  If you have an access-list blahblah then add my entry below to it.  Otherwise add both entries.

access-list nonat permit ip 192.168.10.0 255.255.255.0 192.168.10.0 255.255.255.0
nat (inside) 0 access-list nonat

0

Featured Post

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now