Cisco ASA VPN 5520 stopped to one internal IP

ITMaster1979
Hi All,

I have enabled Cisco ASA 5520 client VPN to my local IP 192.168.1.10 and it's working fine when I connect using Cisco VPN. I have published port 443 for the same IP using static (inside,outside) 62.62.1.4 192.168.1.10 netmask 255.255.255.255. Now when I connect to the Cisco client VPN I can't ping or access 192.168.1.10. Please advise if I need to add any ACL.

Thanks
Hello,

You need to create NAT exemption for traffic between VPN and local LAN.

access-list VPN_EXEMPT extended permit ip 192.168.1.0 255.255.255.0 <VPN_subnet> <VPN_mask>
nat (inside) 0 access-list VPN_EXEMPT

Just replace <VPN_subnet> <VPN_mask> with the VPN address pool.

Regards!
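A way to audit a saved config for the condition in this thread, as an added example that is not part of the original posts: it lists inside hosts that have a static translation but no `nat 0` exemption covering the whole VPN pool. The pool name `VPNPOOL` and the range 10.10.10.1-10.10.10.50 are assumptions, and only the `network mask` ACL form used in the answer is parsed (no `host` or `any` keywords).

```python
import ipaddress

# Constructed sample in pre-8.3 ASA syntax. The pool name and range are
# assumptions; the static line is the one from the question.
BEFORE = """\
ip local pool VPNPOOL 10.10.10.1-10.10.10.50 mask 255.255.255.0
static (inside,outside) 62.62.1.4 192.168.1.10 netmask 255.255.255.255
"""
# Same config plus the two lines from the answer, with the pool filled in.
AFTER = BEFORE + """\
access-list VPN_EXEMPT extended permit ip 192.168.1.0 255.255.255.0 10.10.10.0 255.255.255.0
nat (inside) 0 access-list VPN_EXEMPT
"""

def net(addr, mask):
    return ipaddress.ip_network(f"{addr}/{mask}", strict=False)

def unexempted_static_hosts(config):
    """Inside hosts with a static NAT that no 'nat 0' ACL exempts toward
    every address of every VPN pool."""
    pools, statics, acls, exempt = [], [], {}, set()
    for line in config.splitlines():
        t = line.split()
        if t[:3] == ["ip", "local", "pool"]:
            first, last = t[4].split("-")
            pools.append((ipaddress.ip_address(first), ipaddress.ip_address(last)))
        elif t[:1] == ["static"]:
            statics.append(ipaddress.ip_address(t[3]))  # real (inside) address
        elif t[:1] == ["access-list"] and t[2:5] == ["extended", "permit", "ip"]:
            acls.setdefault(t[1], []).append((net(t[5], t[6]), net(t[7], t[8])))
        elif t[:1] == ["nat"] and t[2:4] == ["0", "access-list"]:
            exempt.add(t[4])
    # Only ACLs actually referenced by a 'nat 0' statement count.
    rules = [r for name in exempt for r in acls.get(name, [])]
    missing = []
    for host in statics:
        for first, last in pools:
            # A contiguous pool is covered when both of its ends fall in dst.
            if not any(host in s and first in d and last in d for s, d in rules):
                missing.append(str(host))
                break
    return missing

if __name__ == "__main__":
    print("before:", unexempted_static_hosts(BEFORE))
    print("after: ", unexempted_static_hosts(AFTER))
```

An ACL that is defined but never referenced by a `nat (inside) 0 access-list` line, or whose destination covers only part of the pool, is still reported.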

Author

Commented:
THANKS
