Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
342
Views
0
Helpful
2
Replies

VPN and DMZ issue

Go to solution
clark.d
Level 1
Level 1

‎06-29-2007 07:19 AM - edited ‎02-21-2020 03:07 PM

I have an ASA 5510 that have remote access VPN service enabled. Users are able to logon and access inside resources no problem. the issue is the DMZ servers, like the web server, they can not access. Is there and easy way to allow this access for VPN users?

Thanks

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
acomiskey
Level 10
Level 10
In response to acomiskey

‎06-29-2007 07:31 AM

That will allow you to hit your dmz servers. For instance if the dmz is 192.168.1.0, you can hit the servers by their dmz addresses 192.168.1.x etc.

Your other option is to use split tunneling which would allow you to access the servers via their public ip addresses which are translated in the ASA.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
acomiskey
Level 10
Level 10

‎06-29-2007 07:24 AM

You need to add nat exemption for the dmz as you did for the inside.

access-list dmz_nonat extended permit ip any

nat (dmz) 0 access-list dmz_nonat

Please rate helpful posts.

0 Helpful

Go to solution
acomiskey
Level 10
Level 10
In response to acomiskey

‎06-29-2007 07:31 AM

That will allow you to hit your dmz servers. For instance if the dmz is 192.168.1.0, you can hit the servers by their dmz addresses 192.168.1.x etc.

Your other option is to use split tunneling which would allow you to access the servers via their public ip addresses which are translated in the ASA.

0 Helpful
Customers Also Viewed These Support Documents