VPN ACL
17 years 4 months ago #22481
by Bikramjit
Replied by Bikramjit on topic Re: VPN ACL
Hey,
Apply the following config in the ASA. You can copy and paste the whole config. After that, disconnect the VPN client and reconnect it, and hopefully that will work.
tunnel-group CPL general-attributes
no address-pool Remote_Client_Pool
exit
no ip local pool Remote_Client_Pool 10.3.254.10-10.3.254.60 mask 255.255.255.0
no access-list inside_nat0_outbound extended permit ip 10.3.254.0 255.255.255.0 10.3.254.0 255.255.255.192
no access-list inside_nat0_outbound extended permit ip 10.3.4.0 255.255.255.0 10.3.254.0 255.255.255.192
ip local pool Remote_Client_Pool 10.3.10.10-10.3.10.60 mask 255.255.255.0
access-list CPL_splitTunnelAcl standard permit 10.3.4.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 10.3.254.0 255.255.255.0 10.3.10.0 255.255.255.192
access-list inside_nat0_outbound extended permit ip 10.3.4.0 255.255.255.0 10.3.10.0 255.255.255.192
tunnel-group CPL general-attributes
address-pool Remote_Client_Pool
Cisco always suggests having a different IP pool subnet than what you are using on the internal interface, to avoid any possible routing conflicts.
*****************************************************
For RADIUS config you can check the following config example link:
www.cisco.com/en/US/products/hw/vpndevc/...186a00806de37e.shtml
This is for version 7.x
Cheers!!
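The two conditions the reply above relies on (the client pool sits outside the internal subnets, and the NAT-exemption ACL covers the whole pool range) can be checked offline before pasting a change. This is an added example, not part of the original posts; the `check_pools` helper and the list of inside networks (taken from the ACL sources) are assumptions, and only the ACL form shown in the post is parsed.

```python
import ipaddress
import re

# Constructed sample: the replacement lines from the post above.
NEW_CONFIG = """\
ip local pool Remote_Client_Pool 10.3.10.10-10.3.10.60 mask 255.255.255.0
access-list CPL_splitTunnelAcl standard permit 10.3.4.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 10.3.254.0 255.255.255.0 10.3.10.0 255.255.255.192
access-list inside_nat0_outbound extended permit ip 10.3.4.0 255.255.255.0 10.3.10.0 255.255.255.192
"""
# Assumption: these are the internal networks (the sources in the nat0 ACL).
INSIDE_NETS = ["10.3.254.0/24", "10.3.4.0/24"]

POOL_RE = re.compile(r"^ip local pool (\S+) (\S+)-(\S+) mask (\S+)$", re.M)
# Only the "permit ip <net> <mask> <net> <mask>" form used in the post is parsed.
ACL_RE = re.compile(
    r"^access-list (\S+) extended permit ip (\S+) (\S+) (\S+) (\S+)$", re.M)


def net(addr, mask):
    """Network containing addr under a dotted netmask (host bits ignored)."""
    return ipaddress.ip_network(f"{addr}/{mask}", strict=False)


def check_pools(config, inside_nets=INSIDE_NETS, nat0_acl="inside_nat0_outbound"):
    """Return findings for every 'ip local pool' line in config."""
    inside = [ipaddress.ip_network(n) for n in inside_nets]
    exempt = [(net(s, sm), net(d, dm))
              for acl, s, sm, d, dm in ACL_RE.findall(config) if acl == nat0_acl]
    findings = []
    for name, first, last, mask in POOL_RE.findall(config):
        lo, hi = ipaddress.ip_address(first), ipaddress.ip_address(last)
        pool_net = net(first, mask)
        for n in inside:
            if pool_net.overlaps(n):
                findings.append(f"{name}: pool subnet {pool_net} overlaps inside {n}")
            # NAT exemption must cover inside -> every address in the pool range.
            if not any(n.subnet_of(src) and lo in dst and hi in dst
                       for src, dst in exempt):
                findings.append(f"{name}: no {nat0_acl} entry from {n} to {lo}-{hi}")
    return findings


if __name__ == "__main__":
    for line in check_pools(NEW_CONFIG) or ["no findings"]:
        print(line)
```

Run against the lines the post removes (the 10.3.254.10-10.3.254.60 pool), the same check reports the overlap with 10.3.254.0/24.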
17 years 4 months ago #22500
by skepticals
Replied by skepticals on topic Re: VPN ACL
Thanks for the reply. I have been tweaking the config myself, but I am still not able to get it to work. I will look at the configuration you suggested and see if that helps. Thanks!