Internet through VPN

Unanswered Question
May 13th, 2008

Friends,

i have 2 Cisco ASA FW. First one is ASA 5520 and second 5505. they are connected with eachouther via VPN and work OK. ASA 5520 is main and its inside users could reach the Internet. my task is that users of ASA 5505 could to reach internet via VPN. i mean ASA 5505 user have access in internet via VPN.... plz, help me

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
acomiskey Tue, 05/13/2008 - 11:37

5520-


same-security-traffic permit intra-interface

global (outside) 1 interface

nat (outside) 1

access-list extended permit ip any

access-list extended permit ip

nat (inside) 0 access-list

crypto map # match address


5505


access-list extended permit ip any

access-list extended permit ip any

nat (inside) 0 access-list

crypto map # match address

batumibatumi Tue, 05/13/2008 - 22:48

Thank you... :)))


I'm ysing ASDM for configuring VPN connections between ASA's... Do U know book or artical for ASDM in this situatoin... Can U help me.

kevin.corace Wed, 05/14/2008 - 18:23

Have you considered EZVPN with no split tunneling? 5520 as the EZVPN Server and 5505 as the EZVPN client. Then you can tunnel all through the 5520 including outbound traffic.


You will also need your NAT statement for the 5505 internal subnet and on the 5520 "permit traffic intra interface".

batumibatumi Wed, 05/14/2008 - 22:27

Thanks for answering but it is not pritty clear for me :((( Do U know artical or book, how to permit internet via VPN ?! PLZ, help me ... :)))

batumibatumi Wed, 05/14/2008 - 23:22

I'm making VPN site-to-site connection between ASA's with no problem (using ASDM)... But how reach to access Internet via VPN i still can not understand how to config it... ((( And i also could not to find any book or artical about this scenario... :((( its very important for me, hope somebudy'll give me a wise advice.


THX, in advance )))

batumibatumi Thu, 05/15/2008 - 22:12

This days i have been searching book and article about how to reach inetrnet via VPN. Nowhere could find nothing intresting ... please, give me a advice how to resolve this problem...

Actions

This Discussion