Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Howto let inside users access SSLVPN on outside

We use a ASA5505 for as a firewall appliance and for users to connect to SSLVPN via the webvpn client. We can connect fine from home but we would also like to be able to connect from inside the firewall to be able to install the client onto new notebooks. What is needed to allow this? When ever we try no connection is established and the log shows first: 192.168.170.11     23088     x.x.104.84     443     Built inbound TCP connection 8729087 for inside:192.168.170.11/23088 (192.168.170.11/23088) to identity:x.x.104.84/443 (x.x.104.84/443)
and then
192.168.170.11     23088     x.x.104.84     443     Teardown TCP connection 8729087 for inside:192.168.170.11/23088 to identity:x.x.104.84/443 duration 0:00:00 bytes 0 TCP Reset by appliance
Does anybody know what will allow us to access the SSL portal page from inside? We don't want to enable SSLVPN on the inside interface because this will require us to configure split DNS and we dont use that. Thanks in advance.

3 REPLIES
Cisco Employee

Re: Howto let inside users access SSLVPN on outside

Unfortunately you can't connect to the outside ip address for SSL VPN connection from the inside network. If you are connected to your inside network, you would need to enable SSL VPN on the inside interface, and connect to the ASA inside interface.

Community Member

Re: Howto let inside users access SSLVPN on outside

Thanks for the reply. I do find that a bit strange since I had this working for a few month and then it just stopped. I would like to hear if anyone else can verify that the ASA doesn't allow this. Also does that mean you also have to configure split dns to reach the stuff in your DMZ (homepage, webmail and so forth) Thanks in advance.

Cisco Employee

Re: Howto let inside users access SSLVPN on outside

Yes, you are correct. You would need to configure split dns as well.

925
Views
0
Helpful
3
Replies
CreatePlease to create content