Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

SSL VPN from the guest zone(from internal) to escalate access level

Hi guys, I'm ISA500 user. Single wan.

I have a configuration that all the wireless APs are connected to guest zone. Basically co-operate resources are sitting on default LAN zone as well. Because of BYOD, I cannot easily make ACLs to allow devices to utilize default zone resources.

One thing I'm thinking is that if I can make SSL VPN working from the guest zone, the assigned VPN zone IP address and the splitted routing can let me access default LAN zone resources.

Tried to make that happen with NAT hairpinning but the VPN daemon is bound with WAN IP only so could not make internal communication.

Anyone tried to make some case like this?

Everyone's tags (3)

Re: SSL VPN from the guest zone(from internal) to escalate acces

I've never had a need to set it up this way, but to the best of my knowledge there is no way to do that. Sorry.

Sent from Cisco Technical Support iPhone App

Shawn Eftink CCNA/CCDA Please rate all helpful posts and mark correct answers to assist others searching for solutions in the community.