We use a ASA5505 for as a firewall appliance and for users to connect to SSLVPN via the webvpn client. We can connect fine from home but we would also like to be able to connect from inside the firewall to be able to install the client onto new notebooks. What is needed to allow this? When ever we try no connection is established and the log shows first: 192.168.170.11 23088 x.x.104.84 443 Built inbound TCP connection 8729087 for inside:192.168.170.11/23088 (192.168.170.11/23088) to identity:x.x.104.84/443 (x.x.104.84/443) and then 192.168.170.11 23088 x.x.104.84 443 Teardown TCP connection 8729087 for inside:192.168.170.11/23088 to identity:x.x.104.84/443 duration 0:00:00 bytes 0 TCP Reset by appliance Does anybody know what will allow us to access the SSL portal page from inside? We don't want to enable SSLVPN on the inside interface because this will require us to configure split DNS and we dont use that. Thanks in advance.
Unfortunately you can't connect to the outside ip address for SSL VPN connection from the inside network. If you are connected to your inside network, you would need to enable SSL VPN on the inside interface, and connect to the ASA inside interface.
Thanks for the reply. I do find that a bit strange since I had this working for a few month and then it just stopped. I would like to hear if anyone else can verify that the ASA doesn't allow this. Also does that mean you also have to configure split dns to reach the stuff in your DMZ (homepage, webmail and so forth) Thanks in advance.
