Allow Cisco VPN clients from inside of ASA?

Unanswered Question
Apr 22nd, 2008
User Badges:

Hi,


I have a Cisco ASA and quite often have a clients come in and want to use their Cisco VPN clients to connect to their remote networks.


What do I need to open on my Cisco ASA to allow this traffic to pass through it with nothing blocking it?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
vipthomps Tue, 04/22/2008 - 13:08
User Badges:

Usually i have to enable Nat traversal for this

JORGE RODRIGUEZ Tue, 04/22/2008 - 16:54
User Badges:
  • Green, 3000 points or more

To cisco vpn from inside behind asa to outside add this to your global polciy (IPsec pass through )

ciscoasa(config)# policy-map global_policy

ciscoasa(config-pmap)# class inspection_default

ciscoasa(config-pmap-c)# inspect ipsec-pass-thru

ciscoasa(config-pmap-c)#exit



if you want to read about it here is some Backround info

http://www.cisco.com/en/US/docs/security/asa/asa72/command/reference/i2_72.html#wp1668213



HTH

Rgds

Jorge


Actions

This Discussion