[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

no network access from sslvpn

Posted on 2014-04-10
5
Medium Priority
?
302 Views
Last Modified: 2014-05-06
i have set up a asa5545 for sslvpn access. I can log in ok and get an ip address from the pool i have created. however i cannot ping any device connected to the inside network. nor can i ping the client from the asa device. i have monitored the asa device through adsm and connot see any traffic coming from the pc connected to the vpn. I have seen this issue before on a cisco 2900 where i had to trash the vpn config and start again but i do not want to do that on the asa as it is in production.
0
Comment
Question by:tjwoollard
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 11

Expert Comment

by:Giladn
ID: 39991504
Hi,

Did you create a NAT role from VPN users to lan or any other way?
0
 

Author Comment

by:tjwoollard
ID: 39991572
no however i noticed that on the asa I do not need any no-nat statements as i did on the px it replaced. all my private addresses route through the asa ok. the onlt nat statement i need is the global one.
0
 

Author Comment

by:tjwoollard
ID: 39991764
i put the nat statement in and it worked so thanks for that. can you tell me why i do not need a no-nat statement for the internet interfaces. i have 2 private networks 192.168.1.0 and 192.168.2.0 and traffic is passing between them perfectly with the global nat statement configured.
0
 
LVL 47

Accepted Solution

by:
Craig Beck earned 2000 total points
ID: 39997513
Can you post the config?  You shouldn't need a NAT for a VPN to work - you should be able to use proper routing.
0
 

Author Comment

by:tjwoollard
ID: 39998571
i got the vpn routing working by using the nat statements above. i ma just curious to know why i do not need no nat statements although i can guess why so i just want someone to confirm this.
0

Featured Post

[Webinar] Lessons on Recovering from Petya

Skyport is working hard to help customers recover from recent attacks, like the Petya worm. This work has brought to light some important lessons. New malware attacks like this can take down your entire environment. Learn from others mistakes on how to prevent Petya like worms.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The article explains the protocols and technology which is involved when two computers on different TCP/IP networks communicate with each other. In the diagram, a router is used to segregate two networks. The networks are 192.168.1.0/24 and 192…
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question