Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN from DMZ

I have an ASA 5510. I have an interface with a security of 10 called "internetguest". We use this interface to connect vendors to the internet without accessing the "inside" network. These vendors have a need to access the "inside" network. I have our VPN setup to connect to our "outside" interface which is on the same ASA and a security of 0. How would I configure the ASA to allow VPN to the "outside" interface from the "internetguest" interface? I am tring to build the VPN tunnel from one interface to another on the same ASA. Let me know what other information you may need and thank you in advance for your time and effort.

New Member

Re: VPN from DMZ


Could you clarify a bit on these:

1. are vendor directly connected to internetguest zone or connected to router and vendor behind router

2. what kind of VPN do want to deploy Site to Site or RemoteAccess VPN.

New Member

Re: VPN from DMZ

If I understand you correct you need to access the inside network from your DMZ interface using VPN (i guess Remote Access). Well I doubt that the idea of passing the traffic through your DMZ interface and connecting to the outside interface works, but AFAIK you can activate vpn connectivity on your DMZ interface

with something like the commands:

crypto map "YourCryptoMapName" interface internetguest

crypto isakmp enable internetguest

Hope this helps cheers