02-24-2009 06:02 AM - edited 03-11-2019 07:56 AM
Hi All,
I need to reach a remote network that permits traffic from my public IP address. When I am on the road I need to access the same system. My solution (or at least what I thought would work) was to VPN into my corp network and then access the remote system.
The problem is that my IP is that of my ISP rather than my VPN assigned IP. Of course this ISP assigned IP is denied access to the remote system.
I have an ASA 5500. I created a tunnel group with an IP pool consisting of two of my public IP addresses. When I connect to VPN I do receive one of the addresses in that pool on the VPN adapter/interface. This address in itself is permitted into the remote network I need to reach.
How can I ensure that my packets have the source IP of my corp network (therefore allowing them into the remote network) rather than the ISP address?
Thank you for your thoughts on this.
02-24-2009 06:14 AM
Richard,
I would think that a simpler way would be to:-
1) Remote VPN into your corporate system.
2) Tunnel ALL IP traffic to the ASA
3) Enable "same-security intra-traffic"
4) NAT your pool of IP address, to an accepted external IP address on your ASA.
HTH
02-24-2009 06:33 AM
I am working on getting up to speed, so excuse the ignorance of this question, is the second step a client setting?
Thanks.
02-24-2009 06:49 AM
OK no issues.
This is not a client setting; by default you will be encrypting all traffic from the client. You should check you are not using "split-tunneling".
HTH
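The four steps from the reply above, written out as an ASA configuration. This is an added example, not configuration posted by anyone in the thread. It assumes ASA software earlier than 8.3 (nat/global syntax), an Internet-facing interface named `outside`, a hypothetical group policy `RA-POLICY`, a constructed VPN pool of 192.168.50.0/24, and that the remote network permits the ASA's outside interface address.

```cisco
! Step 2: send ALL client traffic into the tunnel (no split tunneling).
! RA-POLICY is a hypothetical name; use the group policy bound to your tunnel group.
group-policy RA-POLICY attributes
 split-tunnel-policy tunnelall
!
! Step 3: let traffic that arrives on an interface leave by the same interface.
! VPN client traffic is decrypted on outside and must exit outside again (hairpin).
same-security-traffic permit intra-interface
!
! Step 4: translate the VPN pool as it leaves outside.
! 192.168.50.0/24 is a constructed pool range; substitute your own.
! "global (outside) 1 interface" PATs to the outside interface address, which is
! assumed here to be the address the remote network accepts.
nat (outside) 1 192.168.50.0 255.255.255.0
global (outside) 1 interface
!
! Checks after connecting a client and sending traffic to the remote system:
!   show running-config same-security-traffic   (confirms step 3 is present)
!   show xlate                                  (should list a translation for the client's pool address)
```

With `tunnelall`, every destination the client visits is reached through the ASA and appears to come from the corporate address, so the outside-to-outside path should be limited to what remote users actually need.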