[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 306
  • Last Modified:

no network access from sslvpn

i have set up a asa5545 for sslvpn access. I can log in ok and get an ip address from the pool i have created. however i cannot ping any device connected to the inside network. nor can i ping the client from the asa device. i have monitored the asa device through adsm and connot see any traffic coming from the pc connected to the vpn. I have seen this issue before on a cisco 2900 where i had to trash the vpn config and start again but i do not want to do that on the asa as it is in production.
0
tjwoollard
Asked:
tjwoollard
  • 3
1 Solution
 
GiladnCommented:
Hi,

Did you create a NAT role from VPN users to lan or any other way?
0
 
tjwoollardAuthor Commented:
no however i noticed that on the asa I do not need any no-nat statements as i did on the px it replaced. all my private addresses route through the asa ok. the onlt nat statement i need is the global one.
0
 
tjwoollardAuthor Commented:
i put the nat statement in and it worked so thanks for that. can you tell me why i do not need a no-nat statement for the internet interfaces. i have 2 private networks 192.168.1.0 and 192.168.2.0 and traffic is passing between them perfectly with the global nat statement configured.
0
 
Craig BeckCommented:
Can you post the config?  You shouldn't need a NAT for a VPN to work - you should be able to use proper routing.
0
 
tjwoollardAuthor Commented:
i got the vpn routing working by using the nat statements above. i ma just curious to know why i do not need no nat statements although i can guess why so i just want someone to confirm this.
0

Featured Post

Fill in the form and get your FREE NFR key NOW!

Veeam is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now