Olá pessoal.
Estou precisando muita da ajuda de vocês.
Tenho um ASA 5505 onde configurei uma VPN Remote Access autenticando em um RADIUS (Win2k3).
A VPN esta fechando, os usuários autenticam sem problemas, consigo acessar a rede local normalmente, porém, nenhum cliente que esta conectado a VPN consegue acessar a internet.
Alguem consegu me dar uma luz?
Abaixo minha configuração:
################################################
interface Vlan1
description LAN
nameif inside
security-level 100
ip address 192.168.31.3 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
ip address 200.x.x.x 255.255.255.248
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
switchport access vlan 3
object-group service DM_INLINE_SERVICE_1
service-object icmp
service-object tcp eq www
service-object tcp eq https
object-group protocol TCPUDP
protocol-object udp
protocol-object tcp
object-group service DM_INLINE_SERVICE_2
service-object tcp-udp eq domain
service-object tcp eq 445
service-object tcp eq netbios-ssn
object-group service DM_INLINE_SERVICE_3
service-object icmp
service-object tcp eq www
service-object tcp eq https
service-object tcp eq pop3
service-object tcp eq smtp
service-object tcp eq 137
service-object tcp eq 445
service-object tcp eq domain
service-object tcp eq netbios-ssn
service-object udp eq domain
object-group service DM_INLINE_TCP_1 tcp
port-object eq pop3
port-object eq smtp
object-group service DM_INLINE_SERVICE_4
service-object tcp eq 137
service-object udp eq netbios-ns
access-list inside_nat0_outbound extended permit ip any 192.168.31.192 255.255.255.224
access-list inside_access_in remark Navegacao Internet e SSL
access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_3 any any
access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_4 192.168.31.0 255.255.255.0 any
access-list outside_nat0_outbound_1 extended permit ip 192.168.31.192 255.255.255.224 192.168.31.0 255.255.255.0
global (outside) 1 interface
nat (inside) 0 access-list inside_nat0_outbo
nat (inside) 1 192.168.31.0 255.255.255.0
nat (outside) 0 access-list outside_nat0_out
nat (outside) 1 192.168.31.192 255.255.255.2
access-group inside_access_in in interface i
route outside 0.0.0.0 0.0.0.0 200.x.x.x 1
################################################
Os clientes fecham a VPN mas não conseguem acessar a internet.
Alguem consegue ver o que esta errado ou faltando na configuração acima?