tjwoollard
asked on
no network access from sslvpn
i have set up a asa5545 for sslvpn access. I can log in ok and get an ip address from the pool i have created. however i cannot ping any device connected to the inside network. nor can i ping the client from the asa device. i have monitored the asa device through adsm and connot see any traffic coming from the pc connected to the vpn. I have seen this issue before on a cisco 2900 where i had to trash the vpn config and start again but i do not want to do that on the asa as it is in production.
ASKER
no however i noticed that on the asa I do not need any no-nat statements as i did on the px it replaced. all my private addresses route through the asa ok. the onlt nat statement i need is the global one.
ASKER
i put the nat statement in and it worked so thanks for that. can you tell me why i do not need a no-nat statement for the internet interfaces. i have 2 private networks 192.168.1.0 and 192.168.2.0 and traffic is passing between them perfectly with the global nat statement configured.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
i got the vpn routing working by using the nat statements above. i ma just curious to know why i do not need no nat statements although i can guess why so i just want someone to confirm this.
Did you create a NAT role from VPN users to lan or any other way?