Tags: , , , ,


Forum Replies

  1. Hi Rene,

    For this part here -

    The DNS server 8.8.8.8 will be assigned to remote VPN users.

    When connected to the VPN, If the users are trying to access Internal Corporate machines via DNS name, should we provide an Internal DNS server address rather than 8.8.8.8

    Thanks
    Rob

  2. Hi

    I have ASA 5520 VPN Plus license with latest IOS disk0:/asa917-k8.bin

    Licensed features for this platform:
    Maximum Physical Interfaces       : Unlimited      perpetual
    Maximum VLANs                     : 150            perpetual
    Inside Hosts                      : Unlimited      perpetual
    Failover                          : Active/Active  perpetual
    Encryption-DES                    : Enabled        perpetual
    Encryption-3DES-AES               : Enabled        perpetual
    Security Contexts                 : 20             perpetual
    GTP/GPRS                      
    ... Continue reading in our forum

  3. Hi

    I tested today AnyConnect VPN Client Software-4.2.01035 with my ASA and glad it works perfectly with Rene article.

    Rene, your ASA articles are amazing which so far I am testing, just a quick note, if you can add NAT statements also related to the configuration that will be great or if you add a Note that particular configuration require NAT changes as well.
    e.g. to make the Split Tunnel work we need a deny statement in NAT so it will be helpful.

    Thanks and amazing work, everything work for me like a charm.

    Stay blessed

  4. Hi Rene,

    Congrats, very clear tutorial. What about the NAT rule to keep untranslated the traffic between internal subnets and remote VPN hosts ? Is not it needed ?

    Please advise.

    Thank you.

  5. Hi Alessandro,

    Glad to hear you like it! You will need a NAT rule to keep traffic between remote VPN users and inside hosts untranslated. You can find the config for it in this reply:

    Cisco ASA NAT untranslate

    Rene

42 more replies! Ask a question or join the discussion by visiting our Community Forum