Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ASA VPN acesss issue

Hi, I was able to migrate my VPN clients off of the VPN 3030 Concentrator and onto the ASA 5520. THe problem I have is now the ASA sees these VPN clients coming from my outside interface and they can't get to the DMZ because I made specific NAT's and rules for the inside. Is there a way to make the VPN client's network seems like it's coming from the inside network?

1 ACCEPTED SOLUTION

Accepted Solutions

Re: ASA VPN acesss issue

You are welcome Daniel.

Please do not forget to rate the post and choose "resolved my problem" which was helpful and resolved your problem.

Regards

3 REPLIES

Re: ASA VPN acesss issue

Hi Daniel

No, there is no way for making VPN network seems like its coming from inside network, yet you dont need to. All you have to do is specifying NAT entry for DMZ interface for your VPN pool. A common way is exempt nat like following.

access-list dmz_nat0_outbound permit ip yourdmznetwork dmznetmask vpnpool vpnpoolnetmask

nat (DMZ) 0 access-list dmz_nat0_outbound

Regards

New Member

Re: ASA VPN acesss issue

Thanks husycisco, it's working now!

Re: ASA VPN acesss issue

You are welcome Daniel.

Please do not forget to rate the post and choose "resolved my problem" which was helpful and resolved your problem.

Regards

139
Views
0
Helpful
3
Replies
CreatePlease to create content