Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

accessing a public remote vpn from an inside interface asa 5505

I am trying to see if it is possible to accomplish what I am trying. I have an ASA 5505 with the following setup.

1. There is an outside connection, connected to the ISP. Lets say that it is 10.1.1.1/24 for ease. There is a remote VPN setup that people access through this interface.

2. There is the inside network which is the normal LAN. This is the wired network in the office. lets say that it is 172.20.0.1/24.

3. There is a wireless network on a seperate VLAN called WLAN. It has an IP of 192.168.1.1/24. There is an ACL allowing traffic from this VLAN to the public internet.

Basically I would like users to be able to use the same VPN settings that they use when connecting from outside the office while connected to WLAN.

Also I would like them to be able to access the public IP addresses that I have NAT'd to internal servers. That way they can use the IP addresses that they use when on the public internet.

Can this be done?

Everyone's tags (5)
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: accessing a public remote vpn from an inside interface asa 5

Hello,

Well that is not going to be possible, the only thing that you can really do is to enable the crypto map on the WLAN facing interface, by design you cannot access VPN,ping Nor manage the Device on an interface that is not directly connected to you.

Hope this helps.

Mike

Mike
3 REPLIES
Cisco Employee

Re: accessing a public remote vpn from an inside interface asa 5

Hello,

Is it like you want the users on the WLAN to connecto via IPsec VPN client to the outside IP address of the firewall?

Let me know.

Mike

Mike
New Member

Re: accessing a public remote vpn from an inside interface asa 5

yes, that is exactly what I am trying to do.

Cisco Employee

Re: accessing a public remote vpn from an inside interface asa 5

Hello,

Well that is not going to be possible, the only thing that you can really do is to enable the crypto map on the WLAN facing interface, by design you cannot access VPN,ping Nor manage the Device on an interface that is not directly connected to you.

Hope this helps.

Mike

Mike
376
Views
5
Helpful
3
Replies
CreatePlease login to create content