Recently I build a remote access vpn on ASA 5510. Users are able to login from outside. I created a DMZ wireless zone for wireless users and they are not able to login to the VPN using public IP Address. I excluded nat from the wireless router IP to the public IP and it still not working. Keep in mind that the same IP Address is used for internet access (PAT).
Are these wireless users using the outside ip address as server for the vpn connection? If answer is yes then it is expected behavior, traffic that comes from a say zone of the firewall (DMZ) cannot reach an interface on another interface (outside) they should try using the DMZ interface and you should have the crypto map enabled on the dmz as well as the isakmp should be enabled on the dmz.
Make sure all of the nat and stuff are emulated on the firewall for traffic to go through.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...