Solved

no network access from sslvpn

Posted on 2014-04-10
5
287 Views
Last Modified: 2014-05-06
i have set up a asa5545 for sslvpn access. I can log in ok and get an ip address from the pool i have created. however i cannot ping any device connected to the inside network. nor can i ping the client from the asa device. i have monitored the asa device through adsm and connot see any traffic coming from the pc connected to the vpn. I have seen this issue before on a cisco 2900 where i had to trash the vpn config and start again but i do not want to do that on the asa as it is in production.
0
Comment
Question by:tjwoollard
  • 3
5 Comments
 
LVL 11

Expert Comment

by:Giladn
ID: 39991504
Hi,

Did you create a NAT role from VPN users to lan or any other way?
0
 

Author Comment

by:tjwoollard
ID: 39991572
no however i noticed that on the asa I do not need any no-nat statements as i did on the px it replaced. all my private addresses route through the asa ok. the onlt nat statement i need is the global one.
0
 

Author Comment

by:tjwoollard
ID: 39991764
i put the nat statement in and it worked so thanks for that. can you tell me why i do not need a no-nat statement for the internet interfaces. i have 2 private networks 192.168.1.0 and 192.168.2.0 and traffic is passing between them perfectly with the global nat statement configured.
0
 
LVL 45

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 39997513
Can you post the config?  You shouldn't need a NAT for a VPN to work - you should be able to use proper routing.
0
 

Author Comment

by:tjwoollard
ID: 39998571
i got the vpn routing working by using the nat statements above. i ma just curious to know why i do not need no nat statements although i can guess why so i just want someone to confirm this.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

We've all had that page pop up telling us there is a problem with the certificate and some of us continue on anyways and others run away to a safer competing site.  But what to do when you get the error - is it your problem or theirs?  What can you …
This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question