Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
444
Views
0
Helpful
3
Replies

Redirecting SSL VPN to public DMZ interface

mgierach1
Level 1
Level 1

‎01-19-2009 03:08 PM

Hello,

I have a situation where the usable WAN IP block belongs to the DMZ interface of the ASA. A WAN/ISP transit network also exists between the ASA and ISP provider but we cannot use these addresses for SSL VPN.

Is it possible to route through the WAN/ISP interface and terminate SSL client/clientless connections on the DMZ interface of the ASA?

Labels:
0 Helpful
3 Replies 3

andrew.prince
Level 10
Level 10

‎01-22-2009 07:05 AM

I am confused - why do you think "A WAN/ISP transit network also exists between the ASA and ISP provider but we cannot use these addresses for SSL VPN" If it is reachable from the Internet and there is an IP address on the "outside" interface address of the ASA - then you can use it.

HTH>

0 Helpful

mgierach1
Level 1
Level 1
In response to andrew.prince

‎01-22-2009 08:13 AM

We cannot use it as 443 is utilized for another purpose on that IP.

0 Helpful

andrew.prince
Level 10
Level 10
In response to mgierach1

‎01-22-2009 08:23 AM

yes it would fail if you have not configured the device to accept WebVPN connections on that interface??

webvpn

enable >

HTH>

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents