ASA5520 Cisco IPSEC VPN Client using DAP
I want to have access to all connected VPN Clients from the inside LAN. The access should only be available if it is initiated from the inside LAN.
Example Application: mstsc
The VPN Client should only be able to access restricted hosts on the inside LAN. This is done by an ACL within the DAP.
At the moment I have to open all destination hosts/ports in the DAP ACL of the VPN Client which I want to make reachable from the inside LAN.
I think there must be a way to define:
All VPN Clients can be reached from the inside LAN.
All VPN Clients can only reach defined hosts on the inside LAN.
Does anyone have an idea how I can configure this?