so I've got a customer (custA) who wants to allow users of a customer of theirs (custB) to connect to custA's network via an ASA using Cisco VPN clients. I'm trying to secure it as much as possible. Can I somehow limit VPN Client connections to the ASA of custA from custB using the public IP of custB site?
The ASA has other LAN 2 LAN VPN sites that connect to it.
A LAN 2 LAN is not the preferred option here, specified by custA.
I have split tunneling to limit what IP's custB will connect to.
Via an ACL I have defined what ports and IP they connect to.
RSA will be used but in a couple of months time.
XAUTH is configured and using local usernames and passwords.
The public IP of custB is 220.127.116.11 (example for reference)
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...