Cisco ASA 5510. Outside NIC connected to ISP with real internet IP
addresses. Inside NIC connected to DMZ 172.17.193.0/24 with address

Brand new clean ISA 2006 SP1. Outside NIC connected to 172.17.193.0/24
DMZ with address 172.17.193.1. Inside NIC connected to UAT
22.214.171.124/24 with address 126.96.36.199.

VPN user connects to the ASA (gets a 192.168.20.0/24 IP address). On
the ASA, there is:

access-list split_tunnel_list standard permit 188.8.131.52 255.255.255.0
route inside 184.108.40.206 255.255.255.0 172.17.193.1 1

What I have now on the ISA FW policy:
1. Allow, RDP, From External, To Internal and Local host
2. Allow, All Outbound Traffic, From Internal and Local host, To External
Can 44.44.44.x browse Internet? No.
Can VPN Clients RDC 44.44.44.x devices? Yes.
Can VPN Clients RDC 220.127.116.11 (ISA)? Yes.
Can 44.44.44.x RDC 172.17.193.x devices? No.
Does anyone know if there's anything I have to make changes to on the ASA to make sure all the questions are YES?