[c-nsp] ASA 5520 Remote Access VPN
Sigurbjörn Birkir Lárusson
sigurbjornl at vodafone.is
Tue Feb 3 10:29:40 EST 2009
Something along these lines if you wanted to just send 10.10.53.0/24 and
10.10.54.0/24 through the VPN tunnel
tunnel-group testgroup general-attributes
default-group-policy testpolicy
group-policy testpolicy internal
group-policy testpolicy attributes
split-tunnel-policy tunnelspecified
split-tunnel-network-list value TunnelList
access-list TunnelList standard permit 10.10.53.0 255.255.255.0
access-list TunnelList standard permit 10.10.54.0 255.255.255.0
BR,
Sibbi
On 3.2.2009 15:22, "Eimantas Zdanevičius" <eimantas at occ.lt> wrote:
> Sigurbjörn Birkir Lárusson wrote:
>> If you're connecting through a natted host to the VPN you might try adding
>>
>> crypto isakmp nat-traversal 30
>>
>> I have a fairly similar setup to yours which works just fine.
>>
> This solved the problem, thanks!
>
> Another problem is that client sets default gateway to tunnel.
> How can i configure only some networks to go trough tunnel?
>
>
> Eimantas
More information about the cisco-nsp
mailing list