Cisco ASA NAT question.
Posted on 2016-10-26
I have a ASA that connects to a 1800 to my internal networks. I originally only had a 192.168.100.0 network but recently added a 192.168.101.0 network to the second interface of the 1800. Everything works great internally and both networks route no problem but however when my users use the VPN client to connect from the outside they can only get to the 192.168.100.0 network. I am assuming that this is only a nat'ing issue but i don't know how to resolve it.
When my clients connect to to the VPN via cisco vpn client they get nated to a 10.255.255.XXX address. This appears in my NAT rule as the first rule and looks like this:
Source Intf Dest intf source Destination service Source Destination Service Options
1 inside outside obj-192.168.100.0 NewVPNPool any original--(S) original original no proxy
im needing them to get to both 192.168.100.0 and 192.168.101.0 and I am assuming I can either create a group that contains both network objects in it and put that group in the source object
add another nat rule listing the 192.168.101.0 network separately..
recommendations? suggestions please. Thanks in advance for any help and insight you can give.