ASA easy VPN question.

Unanswered Question
Aug 8th, 2008
User Badges:
  • Silver, 250 points or more

I have easy vpn remote access configured on ASA box .once the user is connected wants to access resources in DMZ and INSIDE zone .I have 3 access-list configured for outside,inside,dmz (IN) so when it picks a IP from VPN pool do i need to edit outside access-list to allow access for inside/dmz zone .


Whats the concept here how this VPN Pool IP is treated .


Pls explain .


Thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
ksirupa Fri, 08/08/2008 - 15:37
User Badges:
  • Silver, 250 points or more

Yes, you would need to add a NAT exempt statement on the inside interface to allow traffic from the inside go back to the VPN pool. Same concept applies for the DMZ interface.


Here is the closest example I could find:


http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080809222.shtml


Please ask me if it is still not clear.

Actions

This Discussion