VPN Clients (NAT and RULES) on ASA 5505

I had posted previously under "ASA Config Needs some Help..."

I took the advice that was there and removed the NAT rules that were in there that were excluding everything, and added one STATIC rule for the "external VPN IP" that I had set up for the start of my pool and my testing, and am now able to connect. I set up one Policy that allowed me to my workstation with Remote Desktop and to one of our servers, and it worked great.

It was recommended to create a new subnet for these that was different than our inside LAN. I used 192.168.5.x with the pool starting at 95. I then created a NAT rule that takes 192.168.5.95 and converts it internally to 192.168.16.95 so that it is on our internal LAN scheme.

I don't want to have to write specific rules for my General users, as most of them will need the same stuff. As Admin I will have some specific things that they won't naturally. Guess I am not sure how to control this NAT and make sure that I don't end up with duplicate INSIDE IPs. Any best practices here?

I don't want to have to rework the internal network right now or worry if we add another remote user in the future and have to create new rules and things.

Hope I am clear in what I am looking for. TIA.

Tim
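
The duplicate-address concern in the post can be checked offline before pool addresses are handed out. The following is an added example, not part of the original post: it assumes /24 masks on both subnets, a translation that keeps the host part (as in the post's 192.168.5.95 to 192.168.16.95 mapping), a pool of 10 addresses, and a constructed list of inside addresses already in use.

```python
import ipaddress

VPN_NET = ipaddress.ip_network("192.168.5.0/24")      # VPN pool subnet from the post (/24 assumed)
INSIDE_NET = ipaddress.ip_network("192.168.16.0/24")  # inside LAN from the post (/24 assumed)


def translate(vpn_ip):
    """Map a VPN pool address to the inside address with the same host part."""
    vpn_ip = ipaddress.ip_address(vpn_ip)
    if vpn_ip not in VPN_NET:
        raise ValueError(f"{vpn_ip} is not in {VPN_NET}")
    offset = int(vpn_ip) - int(VPN_NET.network_address)
    return INSIDE_NET.network_address + offset


def find_collisions(pool_start, pool_size, inside_in_use):
    """Return (vpn_ip, inside_ip) pairs whose translated address is already in use."""
    start = ipaddress.ip_address(pool_start)
    used = {ipaddress.ip_address(a) for a in inside_in_use}
    collisions = []
    for i in range(pool_size):
        vpn_ip = start + i
        # Refuse a pool that walks off the subnet or onto its broadcast address.
        if vpn_ip not in VPN_NET or vpn_ip == VPN_NET.broadcast_address:
            raise ValueError("pool runs past the end of the VPN subnet")
        inside_ip = translate(vpn_ip)
        if inside_ip in used:
            collisions.append((str(vpn_ip), str(inside_ip)))
    return collisions


# Constructed sample data: inside addresses already assigned (static or DHCP).
INSIDE_IN_USE = ["192.168.16.10", "192.168.16.97", "192.168.16.120"]

if __name__ == "__main__":
    # Pool size of 10 is an assumption; the post only gives the starting address.
    for vpn_ip, inside_ip in find_collisions("192.168.5.95", 10, INSIDE_IN_USE):
        print(f"{vpn_ip} -> {inside_ip} is already assigned on the inside LAN")
```

Feeding it an export of the inside DHCP leases and static assignments shows which translated addresses need to be reserved or excluded before the pool grows.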
