Cisco Support Community
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

URL Access required over Remote VPN

Hello Experts,

We have two ASA firewalls (model 5510) one is being used for Remote VPN connections and second one is for STS Tunnel with our customers. Both firewalls are connected with internal switch and the our internal network is The remote VPN firewall is connected with switch by using the network The STS Tunnel firewall is connected with Internal Switch by using the same internal network

Remote VPN Firewall Internal Inside IP :

Switch Internal IP connected with Remote VPN Firewall :

STS Tunnel Firewall IP connected with Switch :

Switch Internal IP connected with Switch : (This is also the client's Gateway)

Remote VPN Pool :

The following routes are added on remote VPN firewall to access the network along with NAT exemption rule set at Inside Interface. Pointed to

NAT Exemption Rule : Permit

On Switch the routes are allowed: pointed to

Default route pointed to

We have one STS Tunnel estlablished with our customers to have the access of URL's which is working from internal machines and now we want that the URL's to be accessed through remote VPN for users.

Lets say the URL IP is

According to me, I would add a route pointed to switch ( to on remote VPN firewall along with NAT exemption rule ( to Permit). No changes are required on Switch. Add the Subnet ( in the intersting traffic access list on STS Tunnel firewall and add a reverse route pointed to Switch ( to I hope this config will work.

Please provide your inputs on this and alternation solution in case we don't make changes on STS firewall. Can it be done by doing some NATTING on remote VPN firewall. My mean is here to do the Policy NAT and convert the source IP (192.168.10.x) to (192.168.73.x) so that we don't to make the changes on STS Tunnel firewall.

Please confirm if it's possible


Community Member

URL Access required over Remote VPN

Can somebody please respond?

CreatePlease to create content