02-01-2012 06:56 PM - edited 03-11-2019 03:22 PM
Hello everyone,
We have firewall 5510 and wanted to access one of the program data from outside of our network. Data can be access through browser. Do i need to setup vpn to access this server? or it should be like exchange where in firewall we nat the inside ip with outside ip?
To access the data interally we just got the server ip address in any browser and login with our active directory info.
please help me out ,thanks.
Solved! Go to Solution.
02-01-2012 07:16 PM
Hi Gurpreet,
You can go both ways. But with port redirect (incase of single public IP), you may be running into security risk, if you allow access to server from 'any'. You can minimize the risk by placing the server in DMZ.
Below link shows you example of port redirection to access server from outside using your ASA public IP:
http://ciscoconfigs.net/index.php?option=com_content&task=view&id=19&Itemid=26
VPN is another option- setup VPN on ASA5510 and users can connect to server and other internal resources with Private ip when connected to your network via VPN. Provides secured connectivity.
hth
MS
02-01-2012 07:16 PM
Hi Gurpreet,
You can go both ways. But with port redirect (incase of single public IP), you may be running into security risk, if you allow access to server from 'any'. You can minimize the risk by placing the server in DMZ.
Below link shows you example of port redirection to access server from outside using your ASA public IP:
http://ciscoconfigs.net/index.php?option=com_content&task=view&id=19&Itemid=26
VPN is another option- setup VPN on ASA5510 and users can connect to server and other internal resources with Private ip when connected to your network via VPN. Provides secured connectivity.
hth
MS
02-01-2012 07:24 PM
Thanks, do you have good link for doing vpn right way in asa5510. As per your suggesiton vpn is the right away to go right?
again thanks for your time and suggesiton.
02-01-2012 07:43 PM
Check below links for basic configs. Based on your ASA version, few command syntax may be different. Search for the remote access VPN configs for your ASA version.
http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/vpnrmote.html
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080702999.shtml
Hth
MS
02-01-2012 07:46 PM
Thanks, even the first post link is great.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: