?
Solved

no network access from sslvpn

Posted on 2014-04-10
5
Medium Priority
?
307 Views
Last Modified: 2014-05-06
i have set up a asa5545 for sslvpn access. I can log in ok and get an ip address from the pool i have created. however i cannot ping any device connected to the inside network. nor can i ping the client from the asa device. i have monitored the asa device through adsm and connot see any traffic coming from the pc connected to the vpn. I have seen this issue before on a cisco 2900 where i had to trash the vpn config and start again but i do not want to do that on the asa as it is in production.
0
Comment
Question by:tjwoollard
  • 3
5 Comments
 
LVL 11

Expert Comment

by:Giladn
ID: 39991504
Hi,

Did you create a NAT role from VPN users to lan or any other way?
0
 

Author Comment

by:tjwoollard
ID: 39991572
no however i noticed that on the asa I do not need any no-nat statements as i did on the px it replaced. all my private addresses route through the asa ok. the onlt nat statement i need is the global one.
0
 

Author Comment

by:tjwoollard
ID: 39991764
i put the nat statement in and it worked so thanks for that. can you tell me why i do not need a no-nat statement for the internet interfaces. i have 2 private networks 192.168.1.0 and 192.168.2.0 and traffic is passing between them perfectly with the global nat statement configured.
0
 
LVL 47

Accepted Solution

by:
Craig Beck earned 2000 total points
ID: 39997513
Can you post the config?  You shouldn't need a NAT for a VPN to work - you should be able to use proper routing.
0
 

Author Comment

by:tjwoollard
ID: 39998571
i got the vpn routing working by using the nat statements above. i ma just curious to know why i do not need no nat statements although i can guess why so i just want someone to confirm this.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#SSL #TLS #Citrix #HTTPS #PKI #Compliance #Certificate #Encryption #StoreFront #Web Interface #Citrix XenApp
Good news! Plesk 12.5 (with update #28 and above) now includes support for HTTP/2. This is a major update to HTTP1.1, which is over 15 years old. Read below to learn how to enable HTTP/2 on your Media Temple DV with Plesk.
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

588 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question