ASA Hairpinning

Unanswered Question
Dec 1st, 2007

I would like to configure ASA 5510 to allow VPN clients access to the network behind the firewall, IPsec vpn tunnels, and internet access.

Is that hairpinning? How do I configure to allow internet access?

It is already setup to allow access to the network, just not the internet.

Thanks.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
JORGE RODRIGUEZ Sat, 12/01/2007 - 20:41

Eric, from what I have read hairpining would be if you were using what is refer as public internet on a stick to allow vpn clients to asa outside internet without using split tunneling in asa. You could either use with split tunneling or outside nat enabling hairpining with same-security-traffic permit intra-interface

Configuring split tunneling

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080702999.shtml

Or public internet on a stick.

same-security-traffic permit intra-interface allows the traffic to exit out on the interface it was received on

global (outside) 1 interface

nat (outside) 1

rate any helpful post if it helps

HTH

Jorge

braulio.santos Sun, 09/14/2008 - 22:46

Your configuration issue is split tunnel, than say Jorge.

Hairpining is other concept.

Actions

This Discussion