Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

2 questions re SSL VPN


I have recently implemented an SSL VPN solution for a customer and have a couple of questions.

1) We have a 10 user license and are authenticating users using AD. The network administrator wants to ensure that there is always a connection for him, therefore leaving other users to contend for the other 9 connections. Is this something that would be implemented on the ASA or on the AD server?

2) Is it possible to source NAT/overload the SSL VPN clients to the ASAs inside interface thus removing the requirement to redistribute a route to the SSL VPN client pool into the routing protocol? I've tried it and couldn't get it to work.

Another issue I came accross whilst doing this deployement, was that I had to configure NAT exemption for all traffic between the LAN and the SSL VPN clients, even though I had the "Enable traffic through the firewall without address translation" check box checked.

According to the config guides I shouldn't have needed this - has anyone else had this issue. I'm running 8.0(4)

Many Thanks in advance


CreatePlease to create content