SSL VPN from inside on outside interface

Answered Question
Aug 20th, 2010

Hi all,

First of all I know I can activate the SSL on the inside interface but that is not what I need or want.

Scenario:

Several interfaces and VLANs on the ASA (running 8.0.5).

SSL VPN configured and activated on the outside interface.

Need to know if it's possible to access the SSL VPN from other interfaces directly to the outside interface IP address, something like hairpin.

Can be a solution (if it exists) with or without NAT (I have public IPs on some interfaces).

This will be useful for users that can connect from any interface (inside, outside or other) and with only one DNS record I will be able to manage everything.

Regards

PS: Is DNS doctoring an option? From the tests I have done it doesn't work.

Message was edited by: rcordeiro

I have this problem too.
0 votes
Correct Answer by Nagaraja Thanthry about 6 years 3 months ago

Hello,

Unfortunately, it is not possible. You cannot communicate with an ASA interface that is not directly connected through the firewall.

Regards,

NT

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Nagaraja Thanthry Fri, 08/20/2010 - 13:07

Hello,

Unfortunately, it is not possible. You cannot communicate with an ASA interface that is not directly connected through the firewall.

Regards,

NT

Actions

This Discussion