IP through VPN

oneirishpollack · ‎02-24-2009

Hi All,

I need to reach a remote network that permits traffic from my public IP address. When I am on the road I need to access the same system. My solution (or at least what I thought would work) was to VPN into my corp network and then access the remote system.

The problem is that my IP is that of my ISP rather than my VPN assigned IP. Of course this ISP assigned IP is denied access to the remote system.

I have an ASA 5500, I created a tunnel group with an IP pool consisting of two of my public IP addresses. When I connect to VPN I do receive one of the addresses in that pool on the VPN adapter/interface. This address in itself is permitted into the remote network I need to reach.

How can I ensure that my packets have the source IP of my corp network (therefore allowing them into the remote network) rather than the ISP address?

Thank you for your thoughts on this.

andrew.prince · ‎02-24-2009

Richard,

I would think that a simpler way would be to:-

1) Remote VPN into your corperate system.

2) Tunnel ALL IP traffic to the ASA

3) Enable "same-security intra-traffic"

4) NAT your pool of IP address, to an accepted external IP address on your ASA.

HTH>

oneirishpollack · ‎02-24-2009

I am working on getting up to speed, so excuse the ignorance of this question, is the second step a client setting?

Thanks.

andrew.prince · ‎02-24-2009

OK no issues.

This is not a client setting, by default you will be encrypting all traffic from the client. You should check you are not using "split-tunneling"

HTH>