I would run packet tracer on the ASA and ensure you don't have an RPF
issue. Also try the same security command, whichever is appropriate.
On May 28, 2014 6:17 PM, "Haroon" <itguy.pro_at_gmail.com> wrote:
> Hello Experts,
>
> I need some help with AnyConnect VPN I configured on ASA 5510. Please see
> diagram to better understand below details. http://tinypic.com/r/9uvfix/8
>
> The configuration, from making connection to the ASA through the vpn client
> works fine. I can connect, authenticate (to local and LDAP), get an IP
> address but once it is connected, I cannot access local resources inside
> the network (LAN).
>
> The VPN is configured on the INSIDE interface of the ASA and then 1:1 NAT
> on Meraki MX90.
>
> If I use LAN's DHCP server instead of the IP POOL on the ASA, I obviously
> get the same IP addresses as the LAN and local resource access (RDP,
> fileshares, etc.) works fine.
>
> On ASA I do have split tunnel enabled, I do have a route to the IP POOL
> subnet on Meraki for local servers to get to the VPN subnet and also I have
> intra/inter interface traffic.
>
> Other than the VPN there is nothing else configured on the ASA.
>
> Considering the diagram, considering the fact that it's only using one
> inside interface for VPN and VPN traffic basically makes a U-turn on ASA,
> what exactly do I need to do on the ASA to allow different subnet/VPN IP
> POOL to access inside resources?
>
> Any help/direction would be greatly appreciated.
>
> thanks,
>
> Haroon
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Received on Wed May 28 2014 - 22:48:20 ART
This archive was generated by hypermail 2.2.0 : Tue Jun 10 2014 - 13:43:09 ART