[Webinar] Streamline your web hosting managementRegister Today

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1081
  • Last Modified:

ASA5505 VPN Tunnel access to corporate networks

I have a problem accessing some of my corporate network from remote VPN client connect to ASA5505.

Corporate networks are, and

My remote client  connect to WAN port and the LAN port on the router is on net

I can access all resources on the net. Default gateway on the net is a separate router, and this router provides access to the other corporate nets. (basic net diag attached)

I have routes configured on the ASA for and traffic to go via I can ping resources on those nets from the ASA.

I have split tunnelling configured on the ASA to tunnel traffic to the three corporate nets. And my vpn client identifies these three nets as secured routes.

Oh and its ASA version 8.4(3) so it has all the new NAT commands etc

ASA config is attached,any help would be great

  • 2
1 Solution
Ernie BeekExpertCommented:
I'm missing the NAT exempts for the and networks. At the moment you only have:
nat (inside,outside) source static NETWORK_OBJ_10.100.70.0_24 NETWORK_OBJ_10.100.70.0_24 destination static NETWORK_OBJ_10.100.70.240_28 NETWORK_OBJ_10.100.70.240_28 no-proxy-arp route-lookup
nat (inside,outside) source static NETWORK_OBJ_10.100.70.0_24 NETWORK_OBJ_10.100.70.0_24 destination static NETWORK_OBJ_10.100.70.192_26 NETWORK_OBJ_10.100.70.192_26 no-proxy-arp route-lookup
GaryFovargue2020Author Commented:
Thanks that was perfect, just added the NAT exempts for the oher 2 nets and worked like a dream
Ernie BeekExpertCommented:
My pleasure :)
Thx 4 the points.

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now