ASA5505 VPN Tunnel access to corporate networks

Posted on 2012-09-18
Last Modified: 2012-09-20
I have a problem accessing some of my corporate network from a remote VPN client connected to an ASA5505.

Corporate networks are, and

My remote client connects to the WAN port and the LAN port on the router is on net

I can access all resources on the net. Default gateway on the net is a separate router, and this router provides access to the other corporate nets. (basic net diag attached)

I have routes configured on the ASA for and traffic to go via I can ping resources on those nets from the ASA.

I have split tunnelling configured on the ASA to tunnel traffic to the three corporate nets. And my VPN client identifies these three nets as secured routes.

Oh, and it's ASA version 8.4(3), so it has all the new NAT commands etc.

ASA config is attached, any help would be great.

Question by:GaryFovargue2020

    Accepted Solution

    I'm missing the NAT exempts for the and networks. At the moment you only have:
    nat (inside,outside) source static NETWORK_OBJ_10.100.70.0_24 NETWORK_OBJ_10.100.70.0_24 destination static NETWORK_OBJ_10.100.70.240_28 NETWORK_OBJ_10.100.70.240_28 no-proxy-arp route-lookup
    nat (inside,outside) source static NETWORK_OBJ_10.100.70.0_24 NETWORK_OBJ_10.100.70.0_24 destination static NETWORK_OBJ_10.100.70.192_26 NETWORK_OBJ_10.100.70.192_26 no-proxy-arp route-lookup

    Author Closing Comment

    Thanks, that was perfect. Just added the NAT exempts for the other 2 nets and it worked like a dream.

    Expert Comment

    by:Ernie Beek
    My pleasure :)
    Thx 4 the points.
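
The gap identified in the accepted solution (networks that are split-tunnelled but have no identity NAT rule toward the VPN pool) can be checked for mechanically before a client ever connects. The following is an added example, not part of the original thread or the poster's config: the sample config is constructed, `192.0.2.0/24` and `198.51.100.0/24` stand in for the two corporate networks whose addresses are not shown on the page, and the ACL name `SPLIT_TUNNEL` is hypothetical.

```python
import ipaddress
import re

# Constructed sample modelled on the rule quoted in the answer. 192.0.2.0/24 and
# 198.51.100.0/24 are stand-ins for the other two nets; the ACL name is hypothetical.
SAMPLE_CONFIG = """\
object network NETWORK_OBJ_10.100.70.0_24
 subnet 10.100.70.0 255.255.255.0
object network NETWORK_OBJ_10.100.70.240_28
 subnet 10.100.70.240 255.255.255.240
access-list SPLIT_TUNNEL standard permit 10.100.70.0 255.255.255.0
access-list SPLIT_TUNNEL standard permit 192.0.2.0 255.255.255.0
access-list SPLIT_TUNNEL standard permit 198.51.100.0 255.255.255.0
nat (inside,outside) source static NETWORK_OBJ_10.100.70.0_24 NETWORK_OBJ_10.100.70.0_24 destination static NETWORK_OBJ_10.100.70.240_28 NETWORK_OBJ_10.100.70.240_28 no-proxy-arp route-lookup
"""

NAT_RE = re.compile(r"^nat \(\S+\) source static (\S+) (\S+) destination static (\S+) (\S+)", re.M)

def parse_objects(config):
    """Map each 'object network' name to the subnet defined under it."""
    objects, current = {}, None
    for line in config.splitlines():
        if not line.startswith(" "):
            m = re.match(r"object network (\S+)", line)
            current = m.group(1) if m else None
        elif current and (m := re.match(r" subnet (\S+) (\S+)", line)):
            objects[current] = ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}")
    return objects

def missing_exemptions(config, acl, pool_object):
    """Return split-tunnel networks with no identity NAT rule toward the VPN pool."""
    objects = parse_objects(config)
    pool = objects[pool_object]
    # Sources of identity rules (real == mapped on both sides) whose destination covers the pool.
    exempt = [objects[s] for s, sm, d, dm in NAT_RE.findall(config)
              if s == sm and d == dm and s in objects and d in objects
              and pool.subnet_of(objects[d])]
    acl_re = re.compile(rf"^access-list {re.escape(acl)} standard permit (\S+) (\S+)", re.M)
    tunneled = [ipaddress.ip_network(f"{a}/{m}") for a, m in acl_re.findall(config)]
    return [net for net in tunneled if not any(net.subnet_of(e) for e in exempt)]

if __name__ == "__main__":
    for net in missing_exemptions(SAMPLE_CONFIG, "SPLIT_TUNNEL", "NETWORK_OBJ_10.100.70.240_28"):
        print(f"split-tunnel network {net} has no NAT exemption toward the VPN pool")
```

The check only understands `standard permit <network> <mask>` ACL entries and object-based twice-NAT rules in the form quoted in the answer; `host`, `any` and object-group entries would need extra handling.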
