Access List for VPNs

access-list 80 permit ip host 202.83.175.110 172.16.200.0 255.255.255.0

nat (inside) 0 access-list 80

where 202.83.175.110 (Outside Interface IP)

172.16.200.0 (POOL For VPN Clients)

Is there any problem with this access-list? Can VPN users access the internal network of 172.16.100.0/24,

or do I have to add more ACLs?

Hemat Maheshwari

Once the clients get access through the VPN client, they are identified through the addresses belonging to the pool you have assigned to them.

So you need:

- to avoid NAT between the internal LAN (behind the inside interface, or whichever interface [outside not included, obviously] the VPN clients must reach) and the pool you have assigned;

- to allow the pool to reach the resources they must reach, and the rules must be applied on the outside interface.

For me the rule you wrote does nothing.

HTH

A.

AM

access-list 80 permit ip 172.16.100.0 255.255.255.0 172.16.200.0 255.255.255.0

nat (inside) 0 access-list 80

Now they will be able to access the inside network 172.16.100.0.

rave
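
An added example, not part of any post above: a small Python check of whether a "nat (inside) 0" access-list covers traffic from the inside LAN to the VPN pool, run against the two ACLs posted in this thread. It assumes PIX-style "access-list <id> permit ip <src> <dst>" lines written with netmasks; the function and constant names are made up for illustration.

```python
import ipaddress

# The two ACL lines from the thread, plus the networks the posts name.
ORIGINAL_ACL = "access-list 80 permit ip host 202.83.175.110 172.16.200.0 255.255.255.0"
CORRECTED_ACL = "access-list 80 permit ip 172.16.100.0 255.255.255.0 172.16.200.0 255.255.255.0"
INSIDE_NET = "172.16.100.0/24"   # internal LAN
POOL_NET = "172.16.200.0/24"     # VPN client pool


def parse_acl(line):
    """Parse 'access-list <id> permit ip <src> <dst>' into (id, src_net, dst_net)."""
    tok = line.split()
    if len(tok) < 6 or tok[0] != "access-list" or tok[2:4] != ["permit", "ip"]:
        raise ValueError("unsupported ACL line: " + line)
    nets, i = [], 4
    while i < len(tok):
        if tok[i] == "any":
            nets.append(ipaddress.ip_network("0.0.0.0/0"))
            i += 1
        elif tok[i] == "host":
            nets.append(ipaddress.ip_network(tok[i + 1] + "/32"))
            i += 2
        else:
            # address followed by a netmask, e.g. 172.16.200.0 255.255.255.0
            nets.append(ipaddress.ip_network(tok[i] + "/" + tok[i + 1]))
            i += 2
    if len(nets) != 2:
        raise ValueError("expected one source and one destination: " + line)
    return tok[1], nets[0], nets[1]


def exempts(acl_line, inside_net, pool_net):
    """True if the ACL matches all traffic from inside_net to pool_net.

    For NAT exemption on the inside interface, the ACL source must cover
    the inside LAN and the ACL destination must cover the VPN pool.
    """
    _, src, dst = parse_acl(acl_line)
    inside = ipaddress.ip_network(inside_net)
    pool = ipaddress.ip_network(pool_net)
    return inside.subnet_of(src) and pool.subnet_of(dst)


if __name__ == "__main__":
    for name, acl in (("original", ORIGINAL_ACL), ("corrected", CORRECTED_ACL)):
        print(name, "exempts inside->pool:", exempts(acl, INSIDE_NET, POOL_NET))
```

The original ACL fails the check because its source is the outside interface address rather than the inside LAN, so no inside-to-pool traffic ever matches it.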
