Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

IP through VPN

Hi All,

I need to reach a remote network that permits traffic from my public IP address. When I am on the road I need to access the same system. My solution (or at least what I thought would work) was to VPN into my corp network and then access the remote system.

The problem is that my IP is that of my ISP rather than my VPN assigned IP. Of course this ISP assigned IP is denied access to the remote system.

I have an ASA 5500, I created a tunnel group with an IP pool consisting of two of my public IP addresses. When I connect to VPN I do receive one of the addresses in that pool on the VPN adapter/interface. This address in itself is permitted into the remote network I need to reach.

How can I ensure that my packets have the source IP of my corp network (therefore allowing them into the remote network) rather than the ISP address?

Thank you for your thoughts on this.

3 REPLIES

Re: IP through VPN

Richard,

I would think that a simpler way would be to:-

1) Remote VPN into your corperate system.

2) Tunnel ALL IP traffic to the ASA

3) Enable "same-security intra-traffic"

4) NAT your pool of IP address, to an accepted external IP address on your ASA.

HTH>

Community Member

Re: IP through VPN

I am working on getting up to speed, so excuse the ignorance of this question, is the second step a client setting?

Thanks.

Re: IP through VPN

OK no issues.

This is not a client setting, by default you will be encrypting all traffic from the client. You should check you are not using "split-tunneling"

HTH>

111
Views
0
Helpful
3
Replies
CreatePlease to create content