Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Asa 5510 Access Public Servers from Remote Site-to-DummySite VPN

Hello

i ve Cisco Asa 5510 ( asa9.1(2) ) and several server behind it in DataCenter . two interfaces (DMZ,Outside) enabled and configured on it.

(lets assume public subnet : 10.0.0.0/28, DMZ subnet : 10.0.1.0/26 )

i ve public subnet routed to Outside and NAT ed DMZ. i also configured hairpinning for DMZ servers to access their public FQDN.

everything works fine.

now one of my client needs to access my public Servers over site-to-site vpn via using my public servers real addresses

i didnt want to share with them my real local and real public subnet ip addresses.

instead i created a dummy network object/subinterface/vlan (lets say 10.0.2.0/30).

than i told them my local net is 10.0.2.0/30 so they entered this subnet to their routers as remote network for site-to-site vpn settings.

but my client subnet cannot reach my public servers using my public servers real addresses.

what should i do ?

any help would be appreciated.

thank you

Regards

Everyone's tags (4)
169
Views
0
Helpful
0
Replies
CreatePlease to create content