clientless access to resources across vpn

Unanswered Question
Sep 1st, 2010
User Badges:

I have been trying to figure something out.  Lets say you have one ASA that is terminating both clientless SSL vpn, and site to site/remote access ipsec vpns.  Is it possible to allow clientless webvpn users access to resources at the end of the ipsec tunnels?  I have not had success before. In this case, the same interface on the ASA is terminating the webvpn and the L2L tunnels.


Here is some clarrification if it helps


webvpn-----------ASA ---L2Ltunnel----PIX----File Servers

                         |

                         |

                         |

                         |

               Internal File Servers

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Asim Malik Wed, 09/01/2010 - 17:40
User Badges:
  • Cisco Employee,

Yes. Clientless vpn traffic will be taking outside ip as source when going out of the l2l tunnel (assuming l2l tunnel is on outside) so you need to allow the intresting traffic keeping this in mind. You probaly need to configure outside nat exempt and also hair pinning

Actions

This Discussion