Unanswered Question

Our ASA is behind our Juniper firewall. Inside interface is connected to dmz zone of the Netscreen and outside is shutdown. The reason we are doing this is to disable split tunnel and route everything back out through our Netscreen firewall. Is this setup sounds right to you? Previously, we setup the outside interface facing public and inside connected to dmz of the Netscreen but we had problem with re-route all traffic to our Juniper firewall (for web filter). One more question is how come the default gateway of SSL VPN client receives (Netscreen DMZ Interface IP) but IPsec client receive default gateway same as it IP? Is this because inside IP and VPN-POOL are the same subnet. Example (ASA IP) and (VPN POOL). Thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion