04-17-2008 10:57 PM - edited 03-11-2019 05:33 AM
Hi,
I am going to implement the SSL VPN appliance in the DMZ of PIX515E (6.3 Ver)
I have to give access to SSL VPN from outside users and as well as from inside inside users.
Please help me.
My understanding is SSL VPN has to be NATTED for outside and also for Inside,then appropriate ACL has to be applied.
Please help me.
Thanks and Regards,
S.Venkataraman.
04-23-2008 12:05 PM
For SSL VPN users to get access to the DMZ, define nat (DMZ) with the access-list command that permits the DMZ subnet to go to the VPN user's subnet without getting natted. (like nat (inside) 0 statement.)
As an example try out the configuration given below,
#> nat ( dmz ) 0 access-list dmz_nat0
Issue the access-list (dmz_nat0) command with the source as DMZ network and the desitination as the VPN user's subnet.
04-23-2008 06:49 PM
hello,
set a local pool so that SSL user should get address from here.
using Nat 0 in order to traffic from DMZ to pool is not Natted.
regards
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: