Access List for VPNs

access-list 80 permit ip host

nat (inside) 0 access-list 80

where (Outside Interface IP) (POOL For VPN Clients)

Is there any problem with this access-list? Can VPN users access the internal network of

or do I have to add more ACLs?

Hemat Maheshwari

Once the clients get access through the VPN client, they are identified through the addresses belonging to the pool you have assigned to them.

So you need:

- to avoid NAT between the internal LAN (behind the inside interface, or whichever interface [outside not included, obviously] the VPN clients must reach) and the pool you have assigned;

- to allow the pool to reach the resources they must reach, and the rules must be applied on the outside interface.

For me the rule you wrote does nothing.




access-list 80 permit ip

nat (inside) 0 access-list 80

Now they will be able to access the inside network.

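The two requirements listed in the first reply, written out as a PIX-style configuration fragment. This is an added example, not a configuration posted by anyone in the thread; the inside LAN 192.168.1.0/24, the client pool 192.168.100.0/24, the pool name vpnpool and the ACL name outside_in are constructed placeholders.

```cisco
! Constructed sample addressing (assumptions, not values from the thread):
!   inside LAN       192.168.1.0   255.255.255.0
!   VPN client pool  192.168.100.0 255.255.255.0
ip local pool vpnpool 192.168.100.1-192.168.100.254

! 1. NAT exemption: the source is the inside LAN, the destination is the pool.
!    An entry whose source is the outside interface address never matches
!    traffic sent by inside hosts, so it exempts nothing from NAT.
access-list 80 permit ip 192.168.1.0 255.255.255.0 192.168.100.0 255.255.255.0
nat (inside) 0 access-list 80

! 2. Permit the decrypted client traffic inbound on the outside interface,
!    scoped to the inside network the clients actually need.
access-list outside_in permit ip 192.168.100.0 255.255.255.0 192.168.1.0 255.255.255.0
access-group outside_in in interface outside
```

If `sysopt connection permit-ipsec` is configured, IPsec traffic bypasses the interface ACLs, so the outside_in entries above do not restrict what the VPN clients can reach.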